Search Results

< Back Slam Dunk Network Event April 10, 2024 5:30 - 7:30 PM Valley of the Sun Foyer + Oculus Type: Network Event Format: Network Track: Network Forge valuable connections during our first network event of the conference! Connect with an elite squad of TPRM professionals, just like assembling a dream team. Exchange plays, collaborate on strategies, and lay the groundwork for future partnerships that will elevate your TPRM game to championship heights. Enjoy deluxe appetizers and beverages, on-site entertainment, and participate in conference games to collect raffle tickets. Previous Next ​ ​ ​ ​ ​

< Back SOC Reporting "Master Class" April 11, 2024 11:00 - 11:50 AM Laveen Type: Breakout Format: Presentation Track: Rules of the Game (Regulations & Standards (Regulatory Alignment)) Join us as we do our part to ensure Third Party Risk doesn't SOC 2 much, during this deep dive into SOC reporting. We'll be sure to cover: Common SOC mistakes and misconceptions Best practices for audit evidence and documentation Secrets of how we design and test controls Steps to achieve and maintain compliance, and how to hold vendors accountable PRO tips for simplifying SOC and the security circus. Previous Next William Deller | Shareholder – IT Risk Advisory | Schneider Downs As a Shareholder on the IT Risk Advisory team, Bill has over a decade of experience providing first-class consulting, advisory, and assurance services to clients across various industries. Bill leads the TPRM and Cyber GRC practices at Schneider Downs from service scoping to delivery. The TPRM team assists in all aspects of the TPRM lifecycle, but most notably provides external assessor due diligence services on behalf of numerous global institutions to ensure their supply chain security follows industry best practices. The team performs thousands of third-party risk assessments annually and prides itself on its services' quality, efficiency, and integrity. His other specialties include SOC reporting, HIPAA, HITRUST, ISO 27001, GLBA, NIST 800 Series, CIS Cloud Security Controls, organizational policy development, and IT general control testing. Bill cares deeply about organizations taking the optimal approach to TPRM and Cyber GRC maturity. ​ ​ ​ ​

< Back The Art of War: Applying Historic Strategic Insights to Fortify Your TPRM Program April 10, 2024 10:00 - 10:50 AM Valley of the Sun E Type: Breakout Format: Presentation Track: Only the Best Win (Operational Risk & Resilience) Join us for an exploration of strategic insights drawn from the Art of War, revealing valuable lessons that can fortify your Third-Party Risk Management (TPRM) program. As practitioners navigating an unending conflict securing our organizations is an arduous task in itself, but extending that safeguard to our expansive supply chain ecosystem presents an even more formidable challenge. To prevail on this expanding battlefield, we must master the art of adaptation and stay one step ahead of adversaries. This session will delve into the application of historical battlefield wisdom, demonstrating how such lessons can be seamlessly integrated into TPRM strategies, enhancing our capacity to secure both immediate organizational concerns and the broader supply chain landscape. Previous Next Jonathan Ehret | VP Customer Enablement | Risk Recon, A Mastercard Company Jon Ehret is Vice President of Customer Enablement for RiskRecon. Jon brings 20+ years of experience in technology and risk, including extensive experience building, maturing, and running third-party risk programs in both the finance and healthcare industries. Before joining Mastercard, Jon built and lead the third-party risk program for BlueCross BlueShield of WNY and also served as President and Co-founder of the Third-Party Risk Association, an international professional association of third party risk practitioners and vendors. Jon is a frequent speaker at third party-risk conferences and holds a BS in Information Technology from the Rochester Institute of Technology, as well as the CISSP, CISA, and CRISC professional certifications. ​ ​ ​ ​

< Main Page Previous Welcome & Kick-Off 8:55 AM to 9:00 AM Next The Third Party Risk Association was created out of a necessity to build a community of like-minded third party risk professionals to allow for the sharing of best practices, exchanging of ideas, and influencing of an industry. This organization is a 501(c)(6) not-for-profit. ​ Activities in support of this purpose include, but are not limited to: Read More Julie Gaiaschi CEO & Co-Founder of the Third Party Risk Association (TPRA) Julie Gaiaschi, CISA, CISM, is the CEO & Co-Founder of the Third Party Risk Association (TPRA). She has over 15 years of technology and information security risk experience, with the last 10 years specializing in third party risk identification and mitigation techniques. In her role as CEO, she provides strategic direction for the non-profit, whose mission it is to further the third party risk profession through knowledge sharing and networking. She also has a passion for helping others enhance their own third party risk management programs. In 2021, Julie was awarded "CEO of the Year" by Women in Governance, Risk, and Compliance. Prior to co-founding the TPRA, Julie consulted on third party risk for a large bank. She also developed and led a large health payer organization’s Third Party Security program. There, she established and executed the third party ri… Show More Heather Kadavy Senior Membership Success Coordinator of the Third Party Risk Association (TPRA) Heather Kadavy joined the Third Party Risk Association (TPRA) in 2023 as the Senior Membership Success Coordinator. In recent year(s) Heather has been providing freelance TPRM consulting work to various organizations after retiring from a Nebraska financial institution after nearly 35 years where she oversaw and managed critical programs of the organization including Third Party Risk Management, Information Security, Physical Security, Safety, Business Recovery, Financial Crimes, Model Risk Management, and Enterprise Risk Management. In her TPRM role she had oversight of over a thousand third party relationships, systems, due diligence reviews and contract management activities. She developed, facilitated, and implemented training programs for thousands of employees over the years. As well as has served in board of director or leadership team roles to facilitate local, regional and state-wide peer-partnerships meetings between financial institutions, law enforcement, and other industry, external aud… Show More Meghan Schrader Senior Marketing & Communications Coordinator of the Third Party Risk Association (TPRA) Meghan graduated Summa Cum Laude from Trine University in 2022 with a Bachelor of Arts in English and Communications. She was the 2022 Jannen School of Arts and Sciences Distinguished Student of the Year, the Trine University 2022 Robert B. Stewart Award Winner, and was awarded the Gold Key for outstanding academic performance. At Trine, she was the Director of Creative Design for the HAC Media Team and Editor-in-chief of the Writers' Block Literary Journal. She began working as an intern at TPRA in July of 2021 before officially joining the team in June of 2022. In her role as Marketing Coordinator, Meghan provides organization-wide marketing strategy in support of TPRA's mission to further the third party risk profession through knowledge sharing and networking. Meghan currently lives in Fort Wayne, Indiana with her boyfriend and their dog. She has a… Show More

Promote a Job! Looking to hire a talented TPRM professional? Complete the form below to have your TPRM-specific job listing promoted on the TPRA website! Note: TPRA reserves the right to remove any job listing for any reason and without communication to the contact. View Job Listings Contact Information Contact Name Contact Email Organization Job Information Job Title Job Location Job Type Application Deadline Link to Apply Job Description Job Requirements About The Organization Submit Your content has been submitted An error occurred. Try again later

< Back Negotiating Effective Vendor Contracts & Service-Level Agreements April 11, 2024 11:00 - 11:50 AM Valley of the Sun D Type: Breakout Format: Presentation Track: TPRM Fundamentals (TPRM Essentials & Better Practices) Negotiating a third-party vendor contract gives financial institutions the opportunity to protect the FI from hidden costs, mitigate risks and ensure that vendors are working to their full potential. Service-level agreements (SLAs) can help financial institutions meet organizational goals and objectives by motivating vendors to reach guaranteed performance benchmarks—but only if they are written the right way. This session will offer advice for negotiating effective contracts and SLAs. Topics include: Three phases of contract negotiation: assessment, planning and negotiation Identifying key provisions and what your contract really says Choosing smart measurements and benchmarks for SLAs Creating enforceable consequences Monitoring SLA compliance Common mistakes Previous Next Michael Berman | CEO | Ncontracts Michael Berman is the founder and CEO of Ncontracts, one of the fastest-growing risk management companies in the financial services industry. A risk management evangelist, he combines decades of legal and regulatory experience with an extensive background in business strategy to solve operational risk management challenges. Mr. Berman is an in-demand speaker, a frequent contributor to industry publications, and the author of The Upside of Risk: Turning Complex Burdens into Strategic Advantages for Financial Institutions. Prior to founding Ncontracts, he served as General Counsel for Goldleaf Financial Solutions, Tecniflex, Inc. and Imagic Corporation. Mr. Berman received his undergraduate degree from Cornell University and holds a J.D. degree from the University of Tennessee. ​ ​ ​ ​

TPRA Application First name Last name Email Phone Applying for Select position Start Date Street Address City Region/State/Province Postal / Zip code Country Country Upload Resume Upload File Upload supported file (Max 15MB) Apply

Upload CPEs Here View My CPEs Upload and keep track of any CPEs you have received (from any organization) here. Please keep in mind, TPRA will not upload CPE credits on your behalf. Please be sure to upload TPRA CPEs as you receive them. Name Email Training Date Training Title/Description How many CPE credits are you claiming at this time? Upload CPE certificates here (up to 30 files) Upload Files Submit Your content has been submitted An error occurred. Try again later

< Back Regulatory Change Management April 11, 2024 3:10 - 4:00 PM Laveen Type: Breakout Format: Presentation Track: Rules of the Game (Regulations & Standards (Regulatory Alignment)) This session will combine regulatory adherence and keeping pace with regulatory change, as well as provide guidance on how to conduct regulatory change management. Previous Next Julia Yuabov | Director, Third Party Compliance | KPMG LLP Julia Yuabov is a seasoned third party risk professional with legal training and experience in financial as well as professional services industries. Currently, Julia serves as a Director of Third Party Compliance at KPMG US. Julia holds a Bachelor of Science degree from Fordham University and Juris Doctor degree from Widener University School of Law. While started out in legal, Julia spent majority of her career in risk and compliance allowing her to apply her legal training and expertise in third party risk management to successfully design, develop, implement, and operationalize third party risk management programs to safeguard company’s reputation and capital. Julia currently resides in South New Jersey with her husband and three kids. ​ ​ ​ ​

< Back Third-Party Risk Management: It's Time to Change How You Approach Vendor Assessments April 10, 2024 10:00 - 10:50 AM Ahwatukee Type: Breakout Format: Presentation Track: Innov-AI-tion Slam Dunk (Innovation & Automation) The gap is widening. Your Third-Party Risk Management (TPRM) challenges aren't getting any easier -- onboarding still takes too long; you have a backlog of assessment work; and you're not covering as much of your vendor portfolio as you know you should. There are more vendors every day and there is more work to do, yet your TPRM resources have stayed relatively flat. It's impossible to keep up. It doesn't have to be that way. Forward-thinking TPRM teams are changing the way they approach vendor assessments. They're updating yesterday's outdated practices with new ways of thinking and game-changing technologies. As a result, they are systematically closing their TPRM vulnerability gaps -- assessing a larger portion of vendors -- with more rigor than before -- while reducing cycle times and backlog. Join this informative session for a new approach to an old problem. We'll discuss how to: Establish a Universal Data Core for TPRM: TPRM is a data problem. Learn how to build a program foundation via a single source of truth for all Third-Party Risk Management information. Leverage a Global Risk Exchange: Reduce assessment time and obtain questionnaire responses from hard-to-reach vendors, saving valuable resources. Elevate Human Performance with AI: Implement cutting-edge AI technologies to extend coverage across your entire vendor portfolio, not just your high-risk vendors. Transform Your Program: Change the perception of TPRM from a corporate annoyance to a critical function, opening doors to bigger roles in the company. Previous Next Ed Thomas | Senior Vice President | ProcessUnity Ed Thomas leads ProcessUnity’s marketing team and is responsible for the company’s awareness, demand generation and thought-leadership programs. In his marketing and sales operations roles at ProcessUnity, Cura Software Solutions and OpenPages (now IBM), Ed has helped hundreds of organizations streamline their risk and compliance programs using next-generation automation tools. ​ ​ ​ ​

< See All < Previous Next > Olga Baldwin VP, Vendor Management Axiom Bank Biography Olga started working in third party risk management in 2008 in a private company. She has worked in several industries such as banking, insurance, and airline. She specializes in building TPRM programs, developing policies, procedures, change management, system implementation and remediation of TPRM program deficiencies. Leadership Characteristics Olga is very analytical and a fast learner. She is able to analyze a program, identifying any areas for improvement by utilizing her knowledge and lessons learned from previous TPRM programs. She enjoys her work and always ensures her teams are well trained and positioned for success. Leadership Challenges The biggest challenge for Olga is perfection. She sometimes spends extra time to ensure the reports and presentations look flawless. Even through it is important but not always possible. She always thrives for success and looks for opportunities for improvement and efficiencies in processes. Key Take-a-ways Olga enjoys Third Party Risk Manageement. It is important to remember that even though TPRM is a regulatory requirement, it's primary goal is to define the risk exposure and ensure management is aware what level of risk the organization is operating with to make decisions in line with the organization risk appetite. Fun Fact Olga loves traveling with her family. They recently moved to another state and have been busy exploring a new area during the weekends and holidays.

TPRA 2024 Virtual Conference Beyond Compliance: Cultivating Sustainable Partnerships for Resilient Growth Agenda Wednesday, April 24, 2024 at 4:00:00 PM UTC Track 2 Speaker 2 Demo 2 Read More Wednesday, July 17, 2024 at 4:00:00 PM UTC Track 1 Speaker 1 Demo 1 Read More