GRC: Third-party Risk Management (TPRM) Implementation [SNTPRMI]

OVERVIEW

The Third-party Risk Management application provides a centralized process for managing your organization's third-party portfolio, performing due diligence when onboarding third-parties, and completing the risk assessment. Also, integrating with other GRC applications, provides top-down traceability for compliance with controls and risks.

Join our class to discuss how to get started developing Third-party Risk Management (TPRM) implementation strategy. This 2-day class covers domain knowledge, common technical aspects of an implementation as well as processes to effectively manage it.

Attendees will learn tactical skills and strategies that will better prepare them to implement Third-party Risk soundly and efficiently. Through lectures, group discussion, demonstrations, and hands-on labs, students build on existing knowledge and skills by applying implementation best practices. Course topics include:

- Third-party Risk Management Overview

- Core Configuration

- Assessment Configuration

- Approval and Workflow Changes

- Third-party Portal Experience

- Application Relationships

- Dashboards and Reports

OBJECTIVES

• Navigate the TPRM application components and prepare for implementation
• Configure Core data elements: Third Parties, Contacts, and Inherent Risk Questionnaires (IRQs)
• Configure assessments in the Assessment Designer to create/modify multiple types of assessments included in the Third-party Risk Management process
• Identify baseline workflows and potential custom workflows needed by a customer
• Configure the Third-party Assessment Portal
• Define relationship between assessment questions and GRC applicationsa