Managing Organisational Risk - Identifying, Assessing And Mitigating Third Party Risk
Introduction
Managing risk is one of the more important management functions, especially in today’s ever-challenging business environment. Risk is brought about by uncertainty due to hazards, globalization, competition, fast-changing technology, and various other internal and external factors. In today’s highly interconnected business landscape, organizations depend on a broad network of third parties, such as vendors, suppliers, partners, and service providers, to deliver products and services. Although these relationships enable innovation and operational efficiency, they also bring heightened security, compliance, operational, and reputational risks.
This program, aligned with ISO 31000, provides an overview of third-party risk management (TPRM), focusing on identifying, assessing, and mitigating risks associated with external partners. Participants will learn how to build an effective TPRM framework, conduct due diligence, and monitor third-party performance to protect the organization.
Learning Outcomes / Benefits
After this training workshop, participants will be able to:
- Understand the fundamentals of Risk Management and Third-Party Risk Management.
- Discover the various risks a business may encounter and their impact on the organization.
- Apply the risk management framework to identify and assess various types of third-party risk.
- Respond to and mitigate third-party risk incidents.
- Develop and implement a robust Third-Party Risk Management (TPRM) framework.
- Foster a Risk-Aware Culture and Continuous Improvement in TPRM.
Key Content
Module 1 - Introduction To Risk Management
- Introduction to Risk Management
- Risk Management Standards
- Risk Responsibilities
Module 2 - Overview Of Third-Party Risk Management (TPRM)
- Definition of third-party risk management
- Who are your third-parties?
- Importance of TPRM in the modern business landscape
Module 3 - Causes, Types And Impact Of Risk
- Categories of Risk
- Risk arising from third-parties
- The Impact of Risk on the organization
Module 4 - Risk Management Framework
- ISO 31000:2018 Framework
- Key elements of a TPRM framework
Module 5 - Risk Assessment
- 3 Steps of Risk Assessment
- Risk Assessment Tools & Techniques
- Third-Party Risk Assessment and Due Diligence
Module 6 - Managing Risk
- Developing Risk Mitigation Plans
- Implementing Third-Party Risk Management Practices
Module 7 - Managing Cybersecurity And Data Privacy Risks
- Understanding cybersecurity threats from third parties
- Data privacy considerations and compliance
Module 8 - Incident Response And Crisis Management
- Preparing for third-party risk incidents
- Building an incident response plan
Module 9 - Monitoring And Continuous Improvement Of TPRM
- Importance of continuous monitoring of third-party risks
- Monitoring methods
- Keeping pace with evolving risks and regulatory requirements
Module 10 - Building A Risk-Aware Culture
- Risk Management Maturity Model
- Promoting risk awareness across the organization
- Adopting PACED principles for effective risk management in organizations
Target Audience
- Risk Management Professionals
- Compliance Officers and Auditors
- Procurement and Vendor Management Professionals
- Business Leaders and Managers
- Anyone Interested in Risk Management
Methodology
The program is delivered through an interactive mix of presentation, group discussions, case studies and various other activities to enhance overall learning.




