This training program will examine who are third party vendors and analyze why it is critical to prepare a risk assessment for third parties. The course will also offer an overview of the potential risks a third party vendor may impose on your firm.
On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) issued the 2015 Cybersecurity Examination Initiatives. One of those initiatives relates to how financial firms are conducting due diligence reviews of their Vendors. Many firms are not prepared to conduct this type of due diligence on the firms they partner with. Many of the third party vendors, such as the firm’s CPAs, program providers and outsourced IT firms may not even realize they are subject to this type of scrutiny from their clients, or even understand how to answer their questions. With cyber security and privacy Issues being an on-going area of concern for all areas of finance, the third party vendor and risk assessment will be a focus of regulatory exams as well as a significant business process for years to come.
- Rules, regulations and best practices concerning third party risk assessment
- Who are third party vendors?
- Determination of the third parties
- The questions to ask third parties
- Why it is critical to prepare a risk assessment on the third parties?
- Best practices for monitoring the progress of the assessment
- Suggestions on the documentation of the assessment
- An overview of the potential risks a third party vendor may impose on your firm.
- What those risks could mean for the end-clients, the investors.
- Educating existing third party vendors on why this type of due diligence is being conducted
- Creating policies for onboarding new third party vendors
- Ways to work with the third party vendors to help mitigate the risks.
- How to select a background firm and audit your current screening practices
- Audit and Compliance Personnel
- Risk Managers
- Operations Managers
- Chief Operating Officers
- CPA Firms
- Investment Management/Portfolio Managers
- Compliance Consulting Firms
- Outsourced IT Firms/Cyber Security Firms
- Client Service Managers
- Human Resources Personnel in Finance or IT