Third Party Risk Management

Product Description

This course is aimed at risk practitioners and business managers who are responsible for building and managing third party risk management (TPRM) frameworks and processes in their organisation.

This course details the key processes you will need to develop and how to adapt them to your organization. It also acknowledges that TPRM is not as simple as introducing a set of processes. We explore governance and roles and responsibilities, and how TPRM should be integrated into broader risk management capabilities of the organisation. We cover how you can monitor and measure third party risks as well as performance of your TPRM program.

Who should do this training?

You will develop the skills and tools needed to implement a comprehensive and effective TPRM framework.

Course Outline

Course Overview

1. Defining Third Party Risk Management

Who are third parties?
What is third party risk?
What is third party risk management?
Objectives of third-party risk management

2. Drivers of Third Party Risk Management

The extended enterprise and external drivers
Regulations driving TPRM
Standards and frameworks

3. What Are We Managing? Third Party Risks

Identifying objectives impacted by third parties
Third parties as risk events
Third parties as causes of risks
Developing a taxonomy of third party risks
Using risk bow tie analysis to understand and map risks
A closer look at compliance, cyber, concentration and contagion risk

4. A TPRM Framework and Process

The risk and reward pyramid
How third parties influence the operating model
Overview of TPRM lifecycle – Onboarding, Ongoing Monitoring and Offboarding

5. Onboarding and Tiering

Third party selection criteria and process
Initial screening and tiering
Initial Due Diligence
Decision and approval process
Onboarding including contractual arrangements

6. Ongoing Monitoring and Risk Management

Key steps in onboarding monitoring
Due diligence updates
Ongoing compliance
Ongoing SLA / contract monitoring
Ongoing management including third party training
Risk metrics and monitoring, external and internal data, and alerts
Escalation and treatment

7. Offboarding

Key steps in offboarding
Consequences of poor offboarding
Ensuring effective closeout of terminated engagements

8. Reporting for TPRM

The purpose of reporting
Main types of reports
Considering multiple audiences for reporting
Levels of reporting, aggregation and filtering
Reporting on risk versus reporting on TPRM process performance

9. Practical Steps to Implement Your TPRM Program

Defining the scope of your TPRM program
Developing a roadmap
Developing a TPRM policy
Creating a third party inventory
Systems and workflows
Communication

10. Integrating TPRM and ERM

Applying the ISO 31000 risk management process to TPRM
Where TPRM fits in an ERM framework

11. Overcoming Challenges in Your TPRM Program

Overcoming lack of buy-in
Overcoming limited resources
Overcoming third party noncompliance
Overcoming inconsistent tiering or risk assessments

12. Who Manages TPRM?

Three Lines Model
Roles across TPRM
Ensuring clear ownership, responsibilities and accountabilities for the complete process

13. When is TPRM Carried Out?

The TPRM lifecycle
Taking a dynamic risk-based approach
Using systems and workflows to improve cadence

Course Expectations

Watch 13 videos
Answer 10 quiz questions
Access 14 downloadable materials

Time

3 hours of video content
Approximately 4 hours for the whole course

Cost

$858.00 inclusive of GST payable by credit card on registration. For purchases for more than 10 people please use the contact form or call 1800 676 011 to speak with one of our Account Managers.

Buy this Course

Buy for individual Buy for company

Discover why so many companies choose GRC Solutions compliance training

"As a subscriber to the GRC Solutions weekly compliance bulletins, the BankVic team has found these a valuable resource for keeping up-to-date with new and changed regulatory and code obligations that affect the mutual banking industry, and how these changes might impact our organisation"

Compliance Manager at BankVic

"The project was extremely positive for both organisations. The GRC Solutions team delivered a visually impactful bespoke learning solution that met HCF requirements… on budget and ahead of deadline."

Compliance Manager at HCF

"I think that this was one of the best modules ever! Whoever created this module should be congratulated over and over. The fact that I have just spoken with a teacher who was having the very difficulties made the module more helpful. Once again thank you."

Pastoral Care, Mercedes College

“The ‘Adaptive’ learning feature is fantastic! It gives learners a sense of control of how they wish to learn and the opportunity to re-confirm/validate their existing knowledge.

The training content is easy to follow, with the use of case studies and relevant scenarios to demonstrate to learners how the content is applied in real life. As a Salt platform Administrator, my experience is made easy with the range of reports available and the patience and support of the GRC Support team, who are always ready and willing to help.”

Learning & Development Specialist at Allied Credit

"I wanted to compliment [GRC Solutions IT Manager] Cody Jones on providing a new customer with an exceptional level of service. Cody is responsive, helpful, no question is a problem and nothing is too much trouble. Cody gives us confidence combined with a pleasant personality which makes our Salt experience so much more manageable and enjoyable."

Risk, Safety & Compliance Officer, Mercy Education Limited

Clients that rely on us

Awards

OUR TROPHY CABINET

GRC Solutions’ team of legal, educational and technology specialists, working in partnership with our clients, win multiple awards, including Best Compliance Training Project at LearnXLive every year for over ten years. Imagine what we can do when we work with you!