Loading...

Third and Fourth Party Management

We will explore best practices for Vendor Management, Third Party Risk Management, Fourth Party Management and Customer Risk Management.

OnDemand
Recorded Tuesday,
May 17th, 2022
Presented by Terry Kuxhaus
2h total length
$279.00 or 1 Token

Includes: 30 Days OnDemand Playback, Presenter Materials and Handouts

  • Risk Management/Legal
  • Technology/Security
  • Compliance Officer
  • Internal Auditor
  • IT Professional
  • Privacy Officer/Information Security Professional
  • Risk Manager
  • Security Officer
  • Senior Management

Save on training and share webinar access across your entire organization.

Request more information

Learn about upcoming events, webinars and discounts.

Sign Up For Email Notifications

In recent years, financial institutions have seen a significant amount of new guidance on third party risk management and new terms coined such as Fourth Party Management. FFIEC Cybersecurity Assessments Tool (CAT) encourages financial institutions to expand questioning around third party risk management practices and suggests more rigorous oversight. The FFIEC coined the term “External Dependencies” in CAT guidance. This expands requirements beyond vendors to include any third-party relationship, including customers. Regulators also suggest that the FFIEC CAT can be leveraged against Third Parties; not just financial institutions. In addition to the FFIEC, the OCC has issued additional guidance for examiners when reviewing third party management programs.

We will explore best practices for Vendor Management, Third Party Risk Management, Fourth Party Management and Customer Risk Management.

Covered Topics

  • Overview of industry breaches
  • New regulatory expectations
  • Risk Management practices for selecting new products/services 
  • Risk Management of existing relationships
  • Third Party and Fourth Party Management concepts
  • SOC 2 Reports and how to get value
  • Integration of customers into management program
  • Lessons learned from failed management programs

Who Should Attend

Information Security Officer, IT Manager, Risk Officer, Internal Auditor, CFO, and Executives looking to understand the risk around Third Party Management.


Instructor Bio

Terry Kuxhaus is a Senior Information Security Consultant with SBS CyberSecurity, LLC of Madison, SD. He has fourteen years of Information Technology Management, Information Security, ISP development, Vendor Management, and Network Security experience at a financial institution. He has a Bachelor of Science in Technology from Black Hills State University.