Global +919619426581 | +96598743346 support@tprmalliance.com

Uncategorized

Nineth TPRM RoundTable Nov’24

October 7, 2024

International TPRM Alliance Hosts the 9th TPRM Roundtable: A Comprehensive Exploration of Third-Party Risk Management

October 5, 2024 | Arabian Time

The International TPRM Alliance (TPRM-With-Yedhu) proudly hosted its 9th TPRM Roundtable on October 5th, 2024, bringing together over 50 third-party risk management (TPRM) practitioners from diverse regions including the Middle East (UAE, Kuwait, Saudi Arabia), the UK, Luxembourg, USA, and India. This annual gathering serves as a pivotal platform for industry leaders to exchange insights, discuss emerging trends, and showcase innovative solutions in the realm of TPRM. This was the first event under the “International TPRM Alliance” banner.

Event Highlights

🌟 Featured Topics & Esteemed Speakers

“5 Years, 4 Critical Insights: Mastering Global TPRM Transformations”

Presented by Anu Kukar, Cyber Security Executive, Switch2Cyber® – Campaign & Community

Anu Kukar shared her extensive experience and key learnings in the TPRM landscape, emphasizing the critical insights for navigating global transformation in third-party risk management.

Drawing an analogy to Disneyland, the speakers illustrated the complexities of TPRM during organizational transformations. They emphasized the necessity of robust TPRM frameworks to prevent operational disruptions, akin to how a malfunctioning wristband or payment system can derail a day at Disneyland.

Add Your Heading Text Here

Five Practical Takeaways:

  1. Comprehensive Supplier Assessment: Evaluate suppliers based on their geographic operations and service provisions during due diligence and onboarding.
  2. Board Accountability: Shift accountability to the board level, considering potential fines and legal repercussions for non-compliance.
  3. Reporting Hierarchy: Ensure that TPRM reporting reaches the highest organizational levels to drive strategic decision-making.
  4. Evolving Supplier Definitions: Adapt to changing definitions of suppliers, including understanding fourth and fifth-party providers.
  5. Dynamic Risk Assessment: Continuously assess suppliers based on the data they handle, especially with the integration of AI and data creation processes.

Anu also focused on :

  • Concentration Risk Management: Focused attention on concentration risks, particularly in the UK market.
  • Technological Leverage: Utilize advanced tools to map and understand data flows within the organization.
  • Awareness and Training: Continuous training and awareness initiatives to keep internal teams informed and responsive to evolving risks.

“Building a Tailored Third-Party Due Diligence Framework”

Presented by Clive Besterwitch, CISSP, CISA, CFE, Director, TPRM Consulting Ltd


Clive Besterwitch delved into the nuances of creating customized due diligence frameworks that cater to the unique needs of organizations, ensuring robust and adaptable risk management processes.

Add Your Heading Text Here

Clive emphasized the importance of:

  • Tailored Contractual Clauses: Incorporate specific data security and privacy clauses, along with the right to inspect.
  • Real-Time Monitoring: Transition from point-in-time due diligence to continuous monitoring to adapt to changing supplier landscapes.
  • Database Consolidation: Streamline supplier data across organizational databases to enhance criticality assessments and tiering processes.
  • RACI Matrix Implementation: Define clear roles and responsibilities across cross-functional teams to ensure effective TPRM execution.

🚀 Innovative Product Displays

Fabrik: Accelerating Third-Party Risk & Compliance with Data Connectivity


Presented by Henry Stanley, Co-Founder & CPO, Fabrik


Henry Stanley introduced Fabrik, highlighting its capability to streamline data connectivity and accelerate third-party risk and compliance processes through innovative solutions and

Add Your Heading Text Here

Henry presented Fabrik, a data connectivity partner designed to:

  • Streamline Data Collection: Reduce bottlenecks in due diligence by simplifying data connectivity across various trust centers.
  • Enhance Workflow Integration: Facilitate seamless integration of supplier data into TPRM workflows through APIs and user-friendly tools.
  • Enable Real-Time Data Streaming: Transition from a “request and wait” model to a “subscribe and stream” approach for efficient data access.

starrvault: Revolutionizing Secure Communication with Next-Gen Data Privacy

 

Presented by Sohamm Kulkarni, Founder, StarrVault


Sohamm Kulkarni showcased StarrVault, a cutting-edge platform designed to enhance secure communication with advanced data privacy features, ensuring end-to-end encryption and user-friendly interfaces.

Add Your Heading Text Here

Kabir introduced StarrVault, a secure communication platform offering:

  • End-to-End Encryption: Ensure privacy and security in all communications.
  • Customizable Features: Provide robust customization options for secure chatting and note-taking.
  • User-Friendly Interface: Enhance user experience with an intuitive and accessible UI, currently in beta.

Official Announcements and Background: By Yedhu Krishna Menon, Founder, International TPRM Alliance

The event commenced with an official announcement by Yedhu Krishna Menon, declaring that TPRM-With-Yedhu is now officially recognized as the International TPRM Alliance. Yedhu provided a brief history of the alliance, tracing its origins back to a WhatsApp group established in July 2020 to support members during the COVID-19 employment uncertainties. He emphasized that “TPRM is an endless journey”, outlining the mission and vision that guide the alliance’s ongoing efforts to advance TPRM practices globally.

In his inaugural speech, Yedhu K Menon emphasized the importance of monitoring in Third-Party Risk Management (TPRM), highlighting three key aspects: Periodic Monitoring, Continuous Monitoring, and Real-Time Monitoring. He explained that these forms of monitoring are essential in maintaining an effective TPRM framework. Periodic Monitoring involves scheduled assessments of third-party risks at regular intervals, ensuring compliance and identifying potential issues that may arise over time. Conversely, continuous monitoring integrates risk management processes throughout the lifecycle of third-party relationships, from onboarding to offboarding, providing ongoing visibility into vendor performance and risk exposure. Finally, Real-Time Monitoring represents the cutting edge of TPRM, allowing organizations to track and respond to risks as they occur, offering immediate insights and enabling proactive decision-making. Yedhu stressed that these layers of monitoring ensure that businesses can not only detect risks early but also adapt quickly to dynamic risk environments, thereby safeguarding critical supply chains and vendor ecosystems.

The session included a comprehensive overview of the historical evolution of TPRM, transitioning from being known as Vendor Risk Management to the broader scope of Supply Chain Risk Management.

Other key topics addressed included:

  • Proactive Risk Assessment
  • Geopolitical Factors
  • Vendor Cyberhealth
  • Breach Incidences
  • Nth Party Due Diligence
  • Tier-Based Reviews
  • Detailed Vendor Assessments

Upcoming TPRM Summits and Events

  • Third Party & Security Supply Chain Summit 2024
    Scheduled for November 2024 in Dubai
    Alina , Director, GIA Group extended an official invitation to all attendees for the upcoming summit, offering a personalized promo code for members of the International TPRM Alliance.

Conclusion and Future Directions

The 9th TPRM Roundtable underscored the continuous evolution and critical importance of third-party risk management in today’s interconnected business environment. Participants left with actionable insights, innovative solutions, and a reinforced commitment to advancing TPRM practices within their organizations.

Looking ahead, the International TPRM Alliance is set to host its 11th and 12th Roundtables, focusing on emerging topics such as real-time monitoring, strategic partnerships, and advanced due diligence frameworks. The alliance remains dedicated to fostering a collaborative community that drives excellence and resilience in third-party risk management.

Stay Connected with the International TPRM Alliance:

Thank you to all speakers, participants, and partners for making the 9th TPRM Roundtable a resounding success. We look forward to continuing our journey together in mastering third-party risk management.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search website

Recent Posts

Categories

Tags

Anu Kukar Clive Besterwitch Cyber Security Executive Fabrik Global TPRM Summits Henry Stanley International TPRM Alliance Sohamm Kulkarni StarrVault Switch2Cyber® - Campaign & Community TPRM-With-Yedhu TPRM Community Development TPRM Consulting Ltd TPRM Roundtables

Meta

Useful Links

What do we do ?
Join TPRM Alliance
Register as a Speaker
Regulatory Updates
Summit Reports
TPRM Learnings
Website developed with by Yedhu and Dinker for the upliftment of the global TPRM Community. 

©2024. International TPRM Alliance. All Rights Reserved.

Privacy Policy