Agenda

Agenda

Third Party Risk Management | Agenda

**************************************************
Live virtual course | Agenda timing is in HKT/SGT

Respective time in AEST:
Start: 12:00pm
Break: 2:00pm
Finish: 4:30pm
**************************************************

09:0010:00

Overview of third-party risk management (TPRM)

10:00 - 11:00

  • Understanding the TPRM life cycle
  • Latest regulatory updates for TPRM
  • How TPRM has been impacted by Covid-19 
  • Challenges and opportunities under digitalization

10:0011:00

Building a third-party risk management framework

10:00 - 11:00

  • Key components of a robust TPRM framework
  • Developing risk-based segmentation strategies
  • Assigning clear governance and escalation processes across the 3 LoD
  • Fourth party risk management considerations

11:0011:30

Break

10:00 - 11:00

11:3012:30

Identifying and assessing risks of third parties

10:00 - 11:00

  • Identifying the risks of third parties and creating an inventory
  • Defining the different tiers of risk
  • Developing effective risk ranking systems
  • Conducting risk assessments of third parties
  • Applying maturity assessments of TPRM

12:3013:30

Oversight and due diligence for managing third parties

10:00 - 11:00

  • Continuous monitoring and control assessments
  • Ensuring consistency in reporting
  • Identifying different forms of concentration risk
  • Utilizing models and TPRM tools for more efficient due diligence processes
  • Contract management

09:0010:00

Integrating resiliency and business continuity in third-party risk management

10:00 - 11:00

  • Defining critical parties
  • Mapping business processes, risks, and controls
  • Assessing current infrastructures
  • Preliminary testing
  • Tabletop exercise vs joint test 

10:0011:00

Operational risk within third-party risk management

10:00 - 11:00

  • Selecting the appropriate operating model
  • Integrating TPRM into existing risk practices
  • Operational risk best practices for third parties
  • The importance of a holistic approach
  • TPRM: moving beyond operational risk management

11:0011:30

Break

10:00 - 11:00

11:3012:30

Managing data and third-party risk management

10:00 - 11:00

  • Appropriate storage of data
  • Documenting data ownership before, during and after 
  • Streamlining data to identify high risk areas 
  • Regulatory considerations
  • Effects of remote working 
    • Cybersecurity risk
    • Technology risk

12:3013:30

Exit strategy for leaving a third-party

10:00 - 11:00

  • Identifying accountabilities for the third party
  • Ensuring fulfilment of contract obligations
  • Establishing well defined transition procedures
  • Exploring product or process substitutability
  • How to transition to another party or service