Strategies to Mitigate the Cost of a Risky Third-Party Relationship
|
|
- Warren Horn
- 5 years ago
- Views:
Transcription
1 Strategies to Mitigate the Cost of a Risky Third-Party Relationship
2 Experts on Panel Linda Tuck Chapman President, Ontala SIG: Sourcing Resource Center Chair, Thought Leaders Council Manu Gopeendran Senior Director MetricStream RMA: Third Party Risk Management Roundtable Facilitator, Trainer, Subject Matter Expert Shared Assessments Group Advisory Board 2017 MetricStream, Inc. All Rights Reserved.
3 Linda Tuck Chapman A recognized expert in third-party lifecycle and risk management. outsourcing governance and third-party optimization Career highlights: CPO, BMO Financial Group President & CEO Education Marketplace CPO, Fifth Third Bank CPO and VP Executive Shared Services, Scotiabank Group Third Party Management Leadership Profile: Linda Tuck Chapman President, ONTALA lindatuckchapman@ontala.com Author: RMA Journal, Wall Street Risk Journal, industry publications Author: Third Party Lifecycle and Risk Management What You Should Know (will be published by RMA in late 2017) RMA: Third Party Management Specialist, Facilitator, Trainer SRC: Chair, SRC Thought Leaders Council SHARED ASSESSMENTS GROUP: Advisory Board member CORE: Lecturer 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
4 Third party management something old and something new Companies in every industry, nationally and globally, are making significant strategic and tactical investments in upgrading their third party management. Investments within their business segments, corporate functions, and risk-control specialist functions, with heightened accountability across senior management and boards of directors. The goal is to avoid or minimize the impact of third party issues and incidents that can affect Market their reputation, Trends operations, customers and bottom line. Third party management programs, people, processes and tools senior management and accountable stakeholders mean a deeper and broader understanding of an increasingly complex operating ecosystem and heightened threat landscape by: 1.Targeted, systematic rigor during screening and selection; 2. Sharper focus on third party risks and their controls; 3.Intensified, prescribed management and oversight 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
5 What s a third party? The RMA third party risk management Steering Committee developed these definitions to improve communication across the sector and with internal stakeholders. These definitions have been widely adopted. An entity, including an affiliate, that has a business relationship with the firm or its customers and is not itself a customer. Third party relationships include: Vendor third party Non-Vendor third party "Vendor" third parties are service providers that provide a product or service to the firm. These relationships are typically sourced through a sourcing/procurement process. Payment is typically transacted by Accounts Payable. "Non-vendor" third party relationships are typically acquired by a business line/segment directly, not through a sourcing/procurement function. Financial remuneration, if applicable is typically transacted outside of Accounts Payable processes. These relationships may be managed solely by a business line/segment, or managed in conjunction with a corporate risk management function. Source: RMA Third Party Risk Management Roundtable ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
6 Complementary frameworks. improve clarity and communication Operating Framework Third party management is a team sport that consumes a significant amount of resources Governance Framework Standardized, repeatable processes enable impartial assessments, conclusions and actions. Source: Linda Tuck Chapman (2017) Trying to do this manually is inefficient and ineffective, and will get in the way of predictable risk, cost and performance management of your critical third parties Ontala Performance Solutions Ltd 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
7 Some risks are common to most companies and sectors don t waste time reinventing the wheel Information and Cyber Security Business Interruption Financial Strength Performance 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
8 Business benefits should outweigh costs Third Party Management is a set of co-dependent people, policies, processes and practices.. that deliver your firm s value proposition, products and services. regardless of whether services are delivered internally or by a third party ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
9 Is task management superseding risk management? Too many relationships for similar services Activities are too frequent Unnecessary due diligence Unnecessary controls One size fits all Limited re-usability Slow response times Limited insight Third Third Party Third Party Party Third Third Party Third Party Third Party Third Party Third Party Third Party Third Party Party Thousands of relationships. Tens of thousands of man hours. How do we achieve efficiency AND effectiveness? 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
10 Third party mgmt. program are expensive to run.. typically ~ $5 and $35 million a year Cost Drivers Estimate ($$ thousands) Technology $ PRM office $ 350-5,000 Risk specialists $ 1,000-10,000 Legal services $ 700-6,000 Compliance/Ops Risk $ 900-4,000 Relationship Mgrs. $ 1,250-7,000 Accountable Execs $ Sr. Mgmt. oversight $ Board involvement $ Risk Oversight $ Issue Management $ 150-1,000 Regulatory & Reporting $ By [[user:]] - Own work, CC BY-SA 3.0, ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
11 Anything this expensive needs to add value Be careful how and which third parties you let in Select the right relationships that meet business needs within the minimum of risk Mitigate risks using proven expertise in deal structuring, educating your third parties, asking the right questions Build strong defenses: common-sense, risk-adjusted contract terms and conditions that will help control real risks Service and Operating Level Agreements: should be crisp, concise, and measure the right things in the right way Black Box thinking means acting on experience Challenge poor decisions that introduce unacceptable or unnecessary risks but you ll need courage, expertise and support from the top 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
12 Be a leader: Observe. Think. Act. Minimize work effort and cycle time Create actionable reporting Deliver thoughtful insight and recommendations Strengthen controls, as needed Analyze trends. Action the bad ones Structure deals and contracts using what you ve learned Be a Black Box thinker Collaborate across the sector Learn from other industries Don t lose your business focus / risk management balance 2016 ONTALA Performance Solutions Ltd.. Proprietary Information. Do not copy or distribute.
13 Strategies to Mitigate the Cost of a Risky Third-Party Relationship Manu Gopeendran Senior Director MetricStream
14 Evolution of Third-Party Management Managed in Siloes Limited to specific risks - Financial, legal etc. Scope Scope Convergence with Cybersecurity and BCM Align with ERM program Holistic view for overall risk exposure Cost, Relationships Unregulated By Sourcing, Procurement Of only third-parties Same approach for all third-parties Drivers Management Technology Then Now Technology Drivers Management Risk, Criticality Tightly Regulated Third and fourth parties Greater focus on most critical and risky third parties Manual (Spreadsheet Based) Siloed, Fragmented On-Premise Automated Workflows GRC Platform Based Cloud Based 2017 MetricStream, Inc. All Rights Reserved.
15 Loss Impact Due To Vendor Risk Exposure Source: MetricStream TPRM Research Report MetricStream, Inc. All Rights Reserved.
16 Understanding Risks in Third Party Relationships Which risk parameters are most important when evaluating third parties? Source: MetricStream Research *Respondents could choose more than one option 2017 MetricStream, Inc. All Rights Reserved. Data protection/privacy Financial viability Ability to maintain service levels Regulatory compliance requirements IT Security Business continuity risks Vendor s management (experience, turnover) Vendor s regulatory and legal environment Additional vendors in the vendor s supply chain Business model compatibility Vendor s employees Geopolitical environment Trustworthiness of public disclosures Architectural compatibility Currency fluctuations 5% 3% 3% 2% 9% 12% 16% 19% 33% 45% 59% 59% 57% 57% 67%
17 Measures Taken By Organizations To Prevent Future Risk Incidents After an incident, what measures have been taken to prevent future risk incidents? Collaborate with the third party 75% Re-assess the risk of the third party 50% Modify contract terms 42% Increase the frequency of assessments 25% Reduce business volume Temporarily suspend business relationship 17% 17% Terminate the business relationship 0% 0% 10% 20% 30% 40% 50% 60% 70% 80% *Respondents could choose more than one option 2017 MetricStream, Inc. All Rights Reserved.
18 Standardize Third Party Management Program with Technology Risk Intelligence Content 2017 MetricStream, Inc. All Rights Reserved.
19 Streamline and Standardize Third- part Management across Enterprise Capture and manage vendor hierarchy Sub-contractor, facility, product, services Facilitate vendor access to information Profile and certification updates Define standard process, checklists across departments Ensure all aspects are being assessed during onboarding (IT, Financial, BCM etc.) Assign risk rating, segment vendors Workflows to review and approve assessments and results Algorithms to automatically score and rate responses Screen your vendors for Sanctions lists Regulatory, law enforcement, and watch lists Adverse Media Politically-exposed persons and stateowned enterprises 2017 MetricStream, Inc. All Rights Reserved.
20 Integrate Risk Analysis & Rating by Combining Insights External Content / Alerts Internal Risk Assessments Consolidated Risk Rating, KRIs Track and Remediate Issues 2017 MetricStream, Inc. All Rights Reserved.
21 Establish closed-loop processes for risk mitigation Track risk mitigation actions Initiate actions based on red flags Ensure timely competition of risk mitigation activities with automated reminder notifications and escalations Collaborate with vendors to resolve issues View and implement actions raised for issues Create actions and assign it to action owner for implementation Improve monitoring of red flags View issue status and issues by type charts Provide reports & dashboards that allow vendors to monitor their status and performance 2017 MetricStream, Inc. All Rights Reserved.
22 Ensure Contract Compliance Contract Compliance Centralized repository for contracts and other certifications Automated alerts and reminders for expiry/renewal Manage contract termination Define performance metrics and scorecards KPIs based on contracts, policies Map scores for KPIs Define KRI for alerts based on thresholds 2017 MetricStream, Inc. All Rights Reserved.
23 Benefits of Adopting a Technology Framework Standardizes on-boarding process across enterprise Selection of vendors, usage across projects and services Provides Real-time visibility on vendor security profile and risks Comprehensive assessment capabilities, real-time monitoring through third-party tools Tracks TP performance & contract compliance risks Define contract SLAs, track vendor performance Enables integrated risk management Flexibility to adopt a federated approach to Enterprise, IT, Third Party Risk Management 2017 MetricStream, Inc. All Rights Reserved. Meets regulatory req. & standards OCC, FFIEC, PCI, etc. Predicts potential vendor risks Maps third-party relationships, co-relates data from multiple sources
24 About MetricStream Vision Integrated Governance, Risk and Compliance for Better Business Performance Solutions Risk Management IT Risk Management Business Continuity Management IT Compliance Management SOX Compliance Management Enterprise Risk Management Internal Audit Management Compliance Management Policy and Document Management Regulatory Change Management Organization Over 1,400 employees Headquarters in Palo Alto, California with offices worldwide Over 400 enterprise customers Privately held Backed by global leading VCs, Sage View Capital, Goldman Sachs Differentiators Technology - GRC Platform 9 Patents Breadth of Solutions Single Vendor for all GRC needs Cross-industry Best Practices and Domain Knowledge ComplianceOnline.com - Largest Compliance Portal on the Web 2017 MetricStream, Inc. All Rights Reserved.
25 GRC for High Performers Days Speakers Sessions Attendees MetricStream GRC Summit 2017 Date: November 6-7, 2017 Location: Lancaster London Hotel, London, UK Register now Use Discount Code WEB200 & Register Now for JUST 599
26 Q&A Linda Tuck Chapman Manu Gopeendran Thank you for joining us! A copy of this presentation will be made available to all participants in next 48 working hours. Contact Us: Website: webinar@metricstream.com 2017 MetricStream, Inc. All Rights Reserved. Phone: USA
Third-Party Risk Management: Driving Enterprise Value. Linda Tuck Chapman
Third-Party Risk Management: Driving Enterprise Value Linda Tuck Chapman lindatuckchapman@ontala.com 416.452.4635 917.831.2923 Linda Tuck Chapman Career highlights: President, Ontala Performance Solutions
More informationBuilding a Framework for Effective Third-Party Risk Management (TPRM)
Building a Framework for Effective Third-Party Risk Management (TPRM) GARP Webcast Series On24 Tech Tips Brenda Boultwood Christopher Thackray APRIL 2016 Make sure your speakers are on Hit F5 any time
More informationThird Party Risk Management ( TPRM ) Transformation
Third Party Risk Management ( TPRM ) Transformation September 20, 2017 Internal use only An introduction to TPRM What is a Third Party relationship? A Third Party relationship is any business arrangement
More informationBest Practices: Vendor Risk Questionnaires PROCESSUNITY WEBINAR SERIES
Best Practices: Vendor Risk Questionnaires PROCESSUNITY WEBINAR SERIES Today s Presenters Tom Garrubba Senior Director Shared Assessments Bryan Burnhart Head of Strategic Alliances ProcessUnity Ed Thomas
More informationHow to Measure the Value of Your Internal Audit Group
How to Measure the Value of Your Internal Audit Group Best practices to follow, pitfalls to avoid and success metrics to measure May 17, 2012 Agenda Strategic challenges: Implications for the enterprise
More informationEnterprise Compliance Management for Credit Unions
Enterprise Compliance for Credit Unions Streamline Regulatory Compliance with a Unified Platform to Manage Requirements and Demonstrate Compliance to Regulators Industry Challenge Credit unions are subject
More informationOptimizing an Enterprise Wide Effective Vendor Risk Management Program. Pam Schott Head and VP Enterprise Supplier Governance
Optimizing an Enterprise Wide Effective Vendor Risk Program Pam Schott Head and VP Enterprise Supplier Governance June 1, 2015 Emerging Industry Trends As Procurement organizations mature; their focus
More informationDNA of Great Vendor Management:
DNA of Great Vendor Management: How to Get It Right Using Automation Ancestry Trevor Lucas Sr. Director, Partner Management Enlighta Nipun Sehgal President & CEO sig.org/eval Trevor Lucas Senior Director,
More informationIdentity and Access Management. Program Primer
Identity and Access Program Primer Executive Summary The role of identity in the modern enterprise has been steadily growing in importance over the last decade. As the enterprise technology stack continues
More informationUSAA's Supplier Governance Transformation that Optimizes Value and Addresses Risk
USAA's Supplier Governance Transformation that Optimizes Value and Addresses Risk USAA Glenn Ellis Director, USAA Supplier Management Enlighta Nipun Sehgal CEO www.sig.org/eval USAA s Supplier Governance
More informationMEGA S SOLUTIONS FOR GOVERNANCE, RISK, AND COMPLIANCE
MEGA S SOLUTIONS FOR GOVERNANCE, RISK, AND COMPLIANCE Give your board a real-time, 360⁰ vision of the Corporate Governance framework REGULATORY COMPLIANCE Rc INTERNAL CONTROL Ic INTERNAL AUDIT Ia Rm RISK
More informationAn Executive Guide to Third Party Management
An Executive Guide to SIG Global Summit October 14 16, 2014 Executive Summary Companies... should take a hard look at the agents conducting business on their behalf. Kara Brockmeyer, chief of the SEC Enforcement
More informationCrowe Caliber. Using Technology to Enhance AML Model Risk Management Programs and Automate Model Calibration. Audit Tax Advisory Risk Performance
Crowe Caliber Using Technology to Enhance AML Model Risk Management Programs and Automate Model Calibration Audit Tax Advisory Risk Performance The Unique Alternative to the Big Four Crowe Caliber: Using
More informationCase Study Webinar: Vendor Risk Management at Global Lending Services
Case Study Webinar: Vendor Risk Management at Global Lending Services Al Palmer, SVP Compliance, Global Lending Services LLC (GLS) Melissa Brown, Compliance Manager, Global Lending Services LLC (GLS) John
More informationThe velocity of change
5Insights for executives The answers in this issue are supplied by: Bob Sydow Area Center of Excellence Leader +1 513 612 1591 bob.sydow@ey.com David Nichols CIO Services Leader +1 312 879 2717 david.nichols@ey.com
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR) that takes effect in 2018 will bring changes for
More informationThird-Party Risk: The Examiners are Coming!
Third-Party Risk: The Examiners are Coming! Brad Keller, Sr. Director, 3rd Party Strategy Prevalent Inc. Hosted by Compliance Week s assistant director of events & programs, Tsvetelina Gabin. 1 Agenda
More informationProduct Safety Compliance and Testing Programs
Product Safety Compliance and Testing Programs Mitigate Risks and Ensure Compliance in the Supply Chain 2014 MetricStream, Inc. All Rights Reserved. Experts on Panel Moderator Speakers Andy Polk Vice President
More informationRegulatory Change Management. French Caldwell, Chief
Regulatory Change Management French Caldwell, Chief Evangelist @itguru Preserve Protect Perform 3 The GRC Promise I promise to do my best to: Preserve our corporate integrity, Protect our reputation and
More informationEnsuring Organizational & Enterprise Resiliency with Third Parties
Ensuring Organizational & Enterprise Resiliency with Third Parties Geno Pandolfi Tuesday, May 17, 2016 Room 7&8 (1:30-2:15 PM) Session Review Objectives Approaches to Third Party Risk Management Core Concepts
More informationRSA Solution for egrc. A holistic strategy for managing risk and compliance across functional domains and lines of business.
RSA Solution for egrc A holistic strategy for managing risk and compliance across functional domains and lines of business Solution Brief Enterprise Governance, Risk and Compliance or egrc is an umbrella
More informationRSA ARCHER INSPIRE EVERYONE TO OWN RISK
RSA ARCHER INSPIRE EVERYONE TO OWN RISK Executive Priorities Growth is the highest priority 54 % 25 % Technology initiatives are second priority Business Growth & Technology Copyright 2016 EMC Corporation.
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR), which takes effect in 2018, will bring changes
More informationA Case Study: How Effective Risk Management Drives Global Supply Chain Optimization.
A Case Study: How Effective Risk Management Drives Global Supply Chain Optimization JLL Maureen Ehrenberg Executive Managing Director Hiperos Michele Flynn Founder & Vice Chairman DENVER FALL 2014 SU MMIT
More informationLEADING WITH GRC. The Return of the ERM Extending Beyond It s Past Scope. Brenda Boultwood, SVP Industry Solutions, MetricStream
LEADING WITH GRC The Return of the ERM Extending Beyond It s Past Scope Brenda Boultwood, SVP Industry Solutions, MetricStream The Return Of The Jedi Extending beyond its past scope June 7, 2017 In Today
More informationRSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, anti-virus, intrusion prevention systems, intrusion
More informationSAP Road Map for Governance, Risk, and Compliance Solutions
SAP Road Map for Governance, Risk, and Compliance Solutions Q4 2016 Customer Disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the
More informationRisk & Compliance. the way we do it. QualityData Advantage. for Basel Compliance
Risk & Compliance the way we do it QualityData Advantage SM for Basel Compliance Data Quality: The Foundation for Basel While data quality has been a hot topic in the industry for years, operationalizing
More informationVendor Management Risk Mitigation:
Vendor Management Risk Mitigation: The Importance of Having a Formalized Methodology Sun Life Financial Laura Williams AVP, Procurement Opus Sam Mele Vice President Sales sig.org/summit Case Study: Supplier
More informationContract Management. Contract Management is an easy-to-use, Cloud-based Contract Management system
Contract Management Contract Management is an easy-to-use, Cloud-based Contract Management system People. Partnerships. Solutions. We re Advanced. We re a leading provider of software solutions and IT
More informationDriving healthy growth
Health Care Of special interest to Boards of directors The C-suite Health care executives 5Insights for executives Driving healthy growth The value of a proactive stance to compliance Organizations throughout
More informationVendor Due Diligence: Keep The Risk Out!
Vendor Due Diligence: Keep The Risk Out! August 25, 2015 2015 ProcessUnity, Inc. All Rights Reserved. ProcessUnity Risk Suite Comprehensive, Flexible, Scalable RISK SUITE Enterprise Risk Regulatory Compliance
More informationEXECUTIVE ERP. EVALUATION AND INVESTMENT ROADMAP Developed for the Modern Business
EXECUTIVE ERP EVALUATION AND INVESTMENT ROADMAP Developed for the Modern Business TABLE OF CONTENTS Executive ERP Evaluation and Investment Roadmap Developed for the Modern Business Read Time: 17 minutes
More informationRisk Advisory Services Developing your organisation s governance for competitive advantage
Advisory Services Developing your organisation s governance for competitive advantage The Deloitte Advisory Platform of Services can help you to govern your strategic plan to guide your operations measure
More informationThe Future of Accounts Payable
May 7-9, 2017 Disney s Yacht & Beach Club Resorts, Florida The Future of Accounts Payable Presented by: Mark Brousseau May 7-9, 2017 Disney s Yacht & Beach Club Resorts, Florida Accounts Payable Automation
More informationThe Future of Accounts Payable
November 12-14, 2017 Bellagio Resort & Casino, Las Vegas The Future of Accounts Payable Presented by: Mark Brousseau November 12-14, 2017 Bellagio Resort & Casino, Las Vegas Accounts Payable Automation
More informationKey Questions for Your Functional Partners. Improving Cross-Functional Collaboration in Compliance Program Activities
Key Questions for Your Functional Partners Improving Cross-Functional Collaboration in Compliance Program Activities WHAT IT MEANS TO BE BUILT-IN This report will help integrate compliance and ethics programs
More informationNEW RULES OF ERP. At a Glance
NEW RULES OF ERP At a Glance Today s manufacturer faces an ever-changing set of challenges. Customer requirements, rising numbers of orders, mergers and acquisitions, along with other demands, all impact
More informationSolution Track 5. Managing Vendor Risk and Contingency Plans. March 26, Strategic BCP, Inc. All rights reserved. strategicbcp.
Managing Vendor Risk and Contingency Plans Terence Lee Solution Track 5 March 26, 2017 Strategic BCP, Inc. All rights reserved. strategicbcp.com 1 Agenda: 60 Minutes Introduction What is Third Party Vendor
More informationThe Next Level of Controls Automation: How you can fully automate controls testing in financial systems by combining MetricStream and IRC
The Next Level of Controls Automation: How you can fully automate controls testing in financial systems by combining MetricStream and IRC Christina Spies, Infor, Account Executive Infor Risk and Compliance
More informationInternal audit insights High-impact areas of focus
Internal audit insights High-impact areas of focus Introduction In any organization, there are numerous areas where Internal Audit s objectivity, perspective, and skills can assist stakeholders and provide
More informationOrder to Cash. Achieve Visibility, Process Efficiency, and Customer Satisfaction with Future-proof End-to-End Automation
Order to Cash Achieve Visibility, Process Efficiency, and Customer Satisfaction with Future-proof End-to-End Automation Be on Top of Your Cash Optimize Cash Flows and Working Capital with Streamlined Inbound
More informationRight-sizing SOX Frameworks with Risk Management. Chris McClean Vice President, Research Director
Right-sizing SOX Frameworks with Risk Management Chris McClean Vice President, Research Director Presenters Chris McClean Vice President, Research Director Serving Security & Risk Professionals Forrester
More informationVendor Cloud Platinum Package: Included Capabilities
Solution Overview Third-Party Risk Management Vendor Cloud Platinum Package: Included Capabilities The Vendor Cloud Platinum package provides the highest level of risk management capabilities, offering
More informationCLEAR GOAL. Satisfy Regulatory Demands. Mitigates Current Risk Effectively. Provides Meaningful Information About Program Effectiveness
Catalog # 3 Regulatory Interconnected 4 Growth Hyper Building Predictive Monitoring Capabilities SCCE Conference October 205 Las Vegas, Nevada CEB Compliance & Ethics Leadership Council Project # 4365
More informationOptiv's Third- Party Risk Management Solution
Optiv's Third- Party Management Solution Third-Party Relationships Pose Overwhelming To Your Organization. Data Processing 641 Accounting Education 601 Payroll Processing Call Center 452 400 901 Healthcare
More informationNavigating the New Health Economy
Navigating the New Health Economy How non-traditional healthcare players are using the HITRUST CSF to drive their security programs forward Speakers Dennis Quandt Risk Assurance Director, PwC Boston, MA
More informationProcurement Transformation on the Fast Track: Doing More with Less
Procurement Transformation on the Fast Track: Doing More with Less February, 2010 ProcureAbility Presenters John Evans President and CEO ProcureAbility jevans@procureability.com 2 AN APPROACH UNHEARD OF
More information5 Core Must-Haves for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1
5 Core Must-Haves for Improved Internal Audit Performance Copyright 2018 AuditBoard Inc. 1 Introductions Built by experienced auditors, AuditBoard allows enterprises to collaborate, manage, analyze and
More informationTurn Your Business Vision into Reality with Microsoft Dynamics GP
Turn Your Business Vision into Reality with Microsoft Dynamics GP You have worked hard to build a vision for your business. With a business solution from Microsoft, you can turn that vision into reality.
More informationOneShield Life Solution for Private Placement Life Insurance (PPLI)
OneShield Life Solution for Private Placement Life Insurance (PPLI) An automated and configurable policy lifecycle management platform designed for PPLI providers. OneShield.com An automated, pre-built,
More informationData rich and regulation wary
Data rich and regulation wary Improving risk compliance in today s data rich environment kpmg.com Key highlights Expect regulatory and Increase data and security 1 policy focus 2 controls 3 Personal consumer
More informationRSA. Sustaining Trust in the Digital World. Gintaras Pelenis
1 RSA Sustaining Trust in the Digital World Gintaras Pelenis +370 698 75456 Gintaras.pelenis@emc.com 2 IN 2011 THE DIGITAL UNIVERSE WILL SURPASS 1.8 ZETTABYTES 1,800,000,000,000,000,000,000 3 $ 4 5 Advanced
More informationRISK: The 4-Letter Word Your Mother Never Told You About. BravoSolution Mickey North Rizza VP Strategic Services.
RISK: The 4-Letter Word Your Mother Never Told You About BravoSolution Mickey North Rizza VP Strategic Services www.sig.org/eval RISK: The 4 Letter Word Your Mother Never Told You About Mickey North Rizza
More informationNETWORKING EVENTS. The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers.
The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers. In the meantime, please take a look at the upcoming SIG networking events listed on the right
More informationTransform Procurement with Integrated Processes
Transform Procurement with Integrated Processes Dr. Marcell Vollmer, CPO, SAP SE #SAPPHIRENOW Public Agenda 1 2 3 SAP at a Glance Future Trends and Innovations in Procurement SAP s Evolution of Procurement
More informationEffects of GDPR and NY DFS on your Third Party Risk Management Program
Effects of GDPR and NY DFS on your Third Party Risk Management Program Please disable popup blocking software before viewing this webcast June 27, 2017 Grant Thornton LLP. All rights reserved. 1 CPE Reminders
More informationNETWORKING EVENTS. The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers.
The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers. In the meantime, please take a look at the upcoming SIG networking events listed on the right
More informationSustainable Identity and Access Governance
Business White Paper IDENTITY AND SECURITY Sustainable Identity and Access Governance Sustainable Identity and Access Governance Table of Contents: 2..... Enterprise Access Governance: Some Assembly Required
More informationBoards and internal audit: Working together to strengthen risk management
Boards and internal audit: Working together to strengthen risk management Growing demands on boards The role of the board has always been an important and demanding one, but today s board members face
More informationDUBAL s ISO based ERM Program
DUBAL s ISO 31000-based ERM Program Building a Harmonized, Proactive and Sustainable Approach to Risk Management October, 2013 Toby Shore Corporate Treasurer & Chief Risk Officer DUBAL Key Things To Discuss
More informationArchitecting Business Flexibility. KC Wu, Vice President Cisco Value Chain IT
Architecting Business Flexibility KC Wu, Vice President Cisco Value Chain IT Speed of Change Change is the only constant in life Rate of Change has grown exponentially Globalization Information, Ideas,
More informationTony Wessels Vice President, Marketing Coupa
Tony Wessels Vice President, Marketing Coupa Welcome Software-As-A-Service Software-As-A-Service Success Agenda Time Topic Presenter 9:00-9:15 Welcome Tony Wessels, V.P. Marketing, Coupa 9:15-10:15 Coupa's
More information3 STEPS TO MAKE YOUR SHARED SERVICE ORGANIZATION A DIGITAL POWERHOUSE
GUIDE 3 STEPS TO MAKE YOUR SHARED SERVICE ORGANIZATION A DIGITAL POWERHOUSE www.celonis.com IN THIS GUIDE Shared-service organizations (SSOs) are about to get a digital upgrade. For decades, SSOs have
More informationEvolving Core Tasks for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1
Evolving Core Tasks for Improved Internal Audit Performance Copyright 2018 AuditBoard Inc. 1 Introductions Built by experienced auditors, AuditBoard allows enterprises to collaborate, manage, analyze and
More informationCOMPLIANCE TRUMPS RISK
RSA ARCHER GRC Product Brief COMPLIANCE TRUMPS RISK Organizations are finding themselves buried in compliance activities and reacting to the latest laws and regulations. The ever-increasing volume, complexity
More informationReengineering your core processes and service layer A critical digital ecosystem enabler
Reengineering your core processes and service layer A critical digital ecosystem enabler Stéphane Hurtaud Partner Cybersecurity Leader Deloitte Jesper Nielsen Director Technology & Enterprise Application
More informationEY Center for Board Matters Boards and internal audit
EY Center for Board Matters Boards and internal audit Working together to strengthen risk management Growing demands on boards The role of the board has always been an important and demanding one, but
More informationHeightened standards for compliance risk management. Lines of defense compliance s role
Heightened standards for risk management Lines of defense s role Post-financial crisis, the Office of the Comptroller of the Currency (OCC) developed a set of heightened expectations to enhance the risk
More informationCloud Computing Opportunities & Challenges
Cloud Computing Opportunities & Challenges AICPA & CPA/SEA Interchange State Regulatory & Legislative Affairs Emerging Technologies July 11, 2017 Presented by Donny C. Shimamoto, CPA.CITP, CGMA 1 Unless
More informationTrusted by more than 150 CSPs worldwide.
RAID is a platform designed for Communication Service Providers that want to leverage their data assets to improve business processes and gain business insights, while at the same time simplify their IT
More informationReinforcing the Three Lines of Defense SAP software for risk management, process control, and audit management
Reinforcing the Three Lines of Defense SAP software for risk management, process control, and audit management Three Lines of Defense Building confidence and trust The three-lines-of-defense framework,
More informationOffice of Information Technology (OIT) Strategic Plan FY
Office of Information Technology (OIT) Strategic Plan FY 2018 2022 Office of Information Technology - Vision, Mission, Pillars, and Values Vision Statement Boise State is a center for innovation, learning
More informationWHITE PAPER. The Foundation of a Successful ITAM Program - In 5 Not So Easy Steps
WHITE PAPER The Foundation of a Successful ITAM Program - In 5 Not So Easy Steps The Foundation of a Successful ITAM Program - In 5 Not So Easy Steps If anyone ever tells you It s easy to establish a successful
More informationCGMA Competency Framework
CGMA Competency Framework Technical Skills CGMA Competency Framework 8 Technical Skills : This requires a basic understanding of the business structures, operations and financial performance, and includes
More informationCOULD YOUR KEY ACCOUNT STRATEGY BE COSTING YOU REVENUE? REVEGY ACCOUNT BASED IMPACT SERIES
COULD YOUR KEY ACCOUNT STRATEGY BE COSTING YOU REVENUE? REVEGY ACCOUNT BASED IMPACT SERIES As a B2B company, a significant part of your revenue comes from key accounts. You fought hard to win them. And
More informationBest of Breed Automation September 2014
www.pwc.com Best of Breed Automation September 2014 Tom Torlone Managing Director, US Leader Shared Services and Outsourcing Advisory Tom is a Managing Director at and is the U.S. Leader of the firm s
More informationSimplify and Secure: Managing User Identities Throughout their Lifecycles
PRODUCT FAMILY BRIEF: CA SOLUTIONS FOR IDENTITY LIFECYCLE MANAGEMENT Simplify and Secure: Managing User Identities Throughout their Lifecycles CA Identity & Access Management (IAM) Identity Lifecycle Management
More informationSupplier Portals 101: What You Need for Effective Supplier Information Management Systems. Aloke Bhandia Sr. Director, Product Management, Lavante
Supplier Portals 101: What You Need for Effective Supplier Information Management Systems Aloke Bhandia Sr. Director, Product Management, Lavante September 18, 2012 Supplier Portals 101 Introduction What
More informationSecuring Your Business in the Digital Age
SAP Solution in Detail SAP GRC Solutions SAP Access Control Securing Your Business in the Digital Age 1 / 13 Table of Contents 3 Quick Facts 4 Governing Access Efficiently in a Hyperconnected World 7 Analyzing
More informationIntroduction for Oracle NetSuite
Introduction for Oracle NetSuite Growth & Emerging Business Asia Jan 2018 1 SAFE HARBOR STATEMENT The following is intended to outline our general product direction. It is intended for information purposes
More informationAgenda. Manage the Risk of Inefficiency and Occupational Fraud in Day-to-Day Business Processes
Manage the Risk of Inefficiency and Occupational Fraud in Day-to-Day Business Processes July 12, 2011 2:00 3:00pm ET Stephanie Maziol, Product Marketing Director, GRC Applications, Oracle 1 Agenda Welcome
More informationTABLE OF CONTENTS THE DEFINITIVE GUIDE TO DUE DILIGENCE AUTOMATION 2
TABLE OF CONTENTS 1. 2. 3. 4. 5. 6. Capture Key Data and Authorize It... Internally Assess Third-Party Risk... Conduct External Due Diligence... Submit Your Due Diligence Questionnaire for Review... Approve
More informationBusiness Process Management: The Right Way to Do It
Business Process Management: The Right Way to Do It Smita Sharma Introduction BPM is really all about managing processes, the people who are the doers of the process, and the systems that help them achieve
More informationInfor PM 10. Do business better.
Infor PM 10 Infor PM is designed for companies in all industries that seek to better monitor, measure, and manage their business performance in real time. Do business better. The speed, complexity, and
More informationTurn Your Business Vision into Reality with Microsoft Dynamics SL
Turn Your Business Vision into Reality with Microsoft Dynamics SL You have worked hard to build a vision for your business. With Microsoft Dynamics SL, you can turn that vision into reality with a solution
More informationAdvanced Enterprise Work and Asset Management for Performance-Driven Utilities
Advanced Enterprise Work and Asset Management for Performance-Driven Utilities Asset & Resource Management (ARM) 2 CGI s Asset & Resource Management (ARM) 2 suite is a solution designed to streamline the
More informationMultisource Management in the Cloud Age Keys to MSI and SIAM success in Hybrid IT environments
WHITE PAPER Multisource Management in the Cloud Age Keys to MSI and SIAM success in Hybrid IT environments IT delivery has been evolving from a traditional on-premises model to a hybrid model using diverse
More informationA GUIDE TO FRICTIONLESS DELIVERY
A GUIDE TO FRICTIONLESS DELIVERY Aligning DevOps, ITSM and other tooling is the key to achieving frictionless delivery. This paper explains how to connect portfolio management, change and operate activities
More informationWHITE PAPER UNDERSTANDING KEY CONTROL INDICATORS & HOW THEY CAN REDUCE RISK
WHITE PAPER UNDERSTANDING KEY CONTROL INDICATORS & HOW THEY CAN REDUCE RISK UNDERSTANDING KEY CONTROL INDICATORS & HOW THEY CAN REDUCE RISK 2 UNDERSTANDING KEY CONTROL INDICATORS & HOW THEY CAN REDUCE
More informationTexas Tech University System
Texas Tech University System October 31, 2017 ERM Overview Evolution of Risk Management Risk Traditional Definition The possibility that something bad or unpleasant will happen. Merriam-Webster Minimizing
More informationIntegrating a robust third-party risk management program with the vendor onboarding process
Integrating a robust third-party risk management program with the vendor onboarding process Introductions Kevin Bushbaker Alexion Senior Director Global Requisition To Pay kevin.bushbaker@alexion.com Colin
More informationThe Optanix Platform. Service Predictability. Delivered. Optanix Platform Overview. Overview. 95% 91% proactive incidents first-time fix rate
The Optanix Platform Service Predictability. Delivered. Overview The Optanix Platform is a complete SaaS-based IT operations management solution, delivering integrated monitoring, event management, incident
More informationImprove GRC Maturity through Combined Assurance
White Paper Improve GRC Maturity through Management External Assurance Providers Internal Assurance Providers Oversight Governance; Risks and Controls Figure 1: The Model What is Combined Assurance? With
More informationBlackLine Compliance
BlackLine Compliance The Compliance Imperative Compliance and Internal Audit teams are facing a complex regulatory and operating environment. Many teams are under significant cost pressure to improve efficiency
More informationInternal Oversight Division. Internal Audit Strategy
Internal Oversight Division Internal Audit Strategy 2018-2020 Date: January 24, 2018 page 2 TABLE OF CONTENTS LIST OF ACRONYMS 3 1. BACKGROUND 4 2. PURPOSE 4 3. WIPO STRATEGIC REALIGNMENT PROGRAM 5 (A)
More informationDetect. Resolve. Prevent. Assure.
Detect. Resolve. Prevent. Assure. The Emerging Mandate: Continuous Monitoring of Enterprise Business Controls to Achieve Risk Intelligence In every industry, companies of every size are witnessing unprecedented
More informationINFOR PM 10 DO BUSINESS BETTER. LEVERAGE EXPERIENCE.
Infor PM is designed for companies in all industries that seek to better monitor, measure, and manage their business performance in real time. INFOR PM 10 DO BUSINESS BETTER. The speed, complexity, and
More informationTHE CUSTOMER EXPERIENCE MANAGEMENT REPORT & RECOMMENDATIONS Customer Experience & Beyond
www.sandsiv.com THE CUSTOMER EXPERIENCE MANAGEMENT REPORT & RECOMMENDATIONS TM 1 Customer Experience & Beyond www.sandsiv.com TM Customer Experience & Beyond Legal Notice: Sandsiv 2015. All Rights Reserved.
More informationTechnology Landscape. 3 Types of Advisor-Client Texting Solutions for Financial Services
Technology Landscape 3 Types of Advisor-Client Texting Solutions for Financial Services INTRODUCTION Financial services firms text their customers for a number of different reasons, and many already have
More information