Introduction to Risk Management, Part 1: Vendor and Third-Party Risk

On Demand

Your desk!


Information technology plays a central role in your business, so it’s important to understand potential risks, especially as they relate to third-party relationships. In this webcast, ACA will discuss ways your firm can identify, assess, and manage the cyber and information security risks of working with third-party vendors.

In part one of this two-part webcast series, we’ll focus on the growing concern of investors and regulators (including the SEC, FINRA, CFTC, and NFA) regarding third-party relationships. Oversight is imperative as firms increase their reliance on third-party vendors and outsourced service providers to deliver business-critical processes as well as manage sensitive information. As a result, it is becoming increasingly important that firms incorporate due diligence procedures throughout the life cycles of their relationships with vendors.

As part of this discussion, our speakers will address:

  • Vendor risks;
  • Objectives of vendor diligence;
  • Focus areas of diligence; and
  • Proposed SEC rule 206(4)-4 regarding vendor BCP/DR review requirements.