Supplier Relationship Management - In-person
Revolutionizing Vendor Management: Enhancing Control and Minimizing Risk
Look what happened to all the IT shops that “trusted” CrowdStrike, SolarWinds, and others! Is your organization in control of its information technology vendors, or are you at the mercy of vendor mismanagement?
Ineffective vendor management practices can lead to disrupted operations and compromised services. It's time to establish a robust, centralized, and efficient Vendor Management Program.
Join us for an engaging 4-hour seminar designed to tackle these challenges head-on. Whether you're just starting out or have an established vendor management program, this event will offer valuable insights into designing, implementing, and optimizing your vendor management for your supply chain.
Event Highlights:
- Comprehensive Understanding: Gain a solid understanding of what constitutes a “vendor” and how to generate a comprehensive list.
- Lifecycle Management: Learn the phases of the vendor management lifecycle process and understand the placement of responsibility.
- Risk Assessment: Discover processes and controls organizations should conduct throughout the Vendor Lifecycle, including assessing vendor risk and conducting audits.
- Cybersecurity: Get an overview of common cybersecurity risks in IT vendor relationships, identify potential threats, and learn best practices for mitigating these risks.
- Quality Management: Establish clear quality standards and expectations, methods for ongoing assessment, and effective resolution techniques.
- Real-World Examples: Learn from case studies of both successes and failures in quality management and cybersecurity breaches.
- Vendor Relationships: Techniques for fostering transparent and collaborative relationships, importance of regular communication, and feedback loops.
- Contract Negotiation: Tips focusing on cybersecurity and quality requirements during contract negotiations.
By the end of this event, participants will be equipped with the knowledge and tools necessary to manage IT vendors effectively, protecting their organization against cybersecurity risks and maintaining high-quality standards.
Details on Event Presentation
Offered on Thursdays from 8:45 a.m. to 12:00 noon
We can schedule private courses on internal audit on your timetable for two or more attendees.
NASBA Program Disclosures
Program Level of Understanding: Intermediate
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Internal Controls
CPE Credits: 4, based on 50 minutes of instruction per hour
CPE Event Highlights
Understanding Vendor Management:
- Define what constitutes a “vendor” and generate a comprehensive list.
- Learn the phases of the vendor management lifecycle process.
- Understand the placement of responsibility for vendor management.
Risk Assessment and Control:
- Discover processes and controls organizations should conduct throughout the Vendor Lifecycle.
- Assess vendor risk and conduct vendor audits.
Cybersecurity Focus:
- Overview of common cybersecurity risks in IT vendor relationships.
- Identifying potential cybersecurity threats from IT vendors.
- Best practices for assessing and mitigating cybersecurity risks.
- Developing vendor cybersecurity policies and protocols.
- Real-world examples of cybersecurity breaches and lessons learned.
Quality Management:
- Establish clear quality standards and expectations.
- Methods for ongoing quality assessment and monitoring.
- Resolving quality issues effectively and maintaining strong vendor relationships.
- Case studies of quality management successes and failures.
Building Strong Vendor Relationships:
- Techniques for fostering transparent and collaborative vendor relationships.
- Importance of regular communication and feedback loops.
- Contract negotiation tips focusing on cybersecurity and quality requirements.
Learning Objectives
1. Comprehensive Vendor Understanding
- Develop a clear definition of what constitutes a “vendor” in the context of your organization.
- Learn how to compile and maintain a comprehensive list of vendors.
2. Mastering the Vendor Management Lifecycle
- Understand the key phases of the vendor management lifecycle.
- Identify the roles and responsibilities within each phase.
3. Effective Risk Management
- Discover methodologies for assessing and mitigating risks associated with IT vendors.
- Conduct thorough vendor audits to ensure compliance with organizational standards.
4. Enhancing Cybersecurity Measures
- Gain insight into common cybersecurity risks linked to IT vendors.
- Implement best practices for developing and enforcing vendor cybersecurity policies.
- Learn from real-world examples of cybersecurity incidents and their resolutions.
5. Quality Assurance Practices
- Establish and communicate clear quality standards and expectations to vendors.
- Implement ongoing monitoring and assessment methods to ensure quality deliverables.
- Develop strategies for resolving quality issues while maintaining productive vendor relationships.
6. Building and Sustaining Strong Vendor Relationships
- Acquire techniques for fostering transparent and collaborative partnerships with vendors.
- Understand the importance of regular communication and feedback in maintaining healthy vendor relations.
- Learn effective contract negotiation strategies that emphasize cybersecurity and quality requirements.
7. Practical Application of SRM Strategies
- Participate in hands-on workshops to practice risk assessment and vendor evaluation.
- Engage in scenario-based activities to develop customized SRM strategies tailored to your organization’s needs.
Key Issues on the Agenda
1. Introduction to SRM for IT Vendors
- Importance of SRM in today’s digital landscape
- Key components of successful SRM practices
- Overview of common cybersecurity and quality risks in IT vendor relationships
2. Cybersecurity Risk Management
- Identifying potential cybersecurity threats from IT vendors
- Best practices for assessing and mitigating cybersecurity risks
- Developing vendor cybersecurity policies and protocols
- Real-world examples of cybersecurity breaches and lessons learned
3. Ensuring Quality in IT Vendor Deliverables
- Establishing clear quality standards and expectations
- Methods for ongoing quality assessment and monitoring
- Resolving quality issues effectively and maintaining strong vendor relationships
- Case studies of quality management successes and failures
4. Building Strong Vendor Partnerships
- Techniques for fostering transparent and collaborative vendor relationships
- Importance of regular communication and feedback loops
- Contract negotiation tips focusing on cybersecurity and quality requirements
5. Continuous Monitoring of IT Vendors
- Continuous Risk Assessment
- Establish Clear Metrics and KPIs
- Real-Time Incident Reporting
- Regular Security Audits
- Performance Reviews and Feedback Loops
- Contractual Clauses for Compliance
- Data Protection Measures
By the end of this event, participants will have a solid understanding of how to manage IT vendors effectively, ensuring their organization is protected against cybersecurity risks and maintains high-quality standards.
Summary of the Subject Matter
Supplier Relationship Management (SRM) is a critical component of modern business operations, particularly when it comes to managing IT vendors. This event delves into the essentials of defining and identifying vendors, developing comprehensive vendor lists, and understanding the lifecycle of vendor management. By mastering these foundational elements, organizations can ensure they are well-equipped to handle their vendor relationships efficiently and effectively.
A significant focus of this event is on managing cybersecurity risks associated with IT vendors. Participants will learn to identify common cybersecurity threats, implement best practices for risk assessment and mitigation, and develop robust cybersecurity policies. Additionally, the program covers quality assurance by establishing clear standards and expectations, utilizing ongoing monitoring techniques, and addressing quality issues promptly while maintaining strong vendor relationships.
The practical application of these concepts is emphasized through interactive workshops and real-world case studies, allowing participants to apply SRM strategies in scenarios that mimic actual challenges. Expert panel discussions and networking opportunities further enhance the learning experience, providing insights into emerging trends and fostering connections with peers and industry leaders. By the end of the event, attendees will be armed with the knowledge and tools necessary to protect their organization from cybersecurity risks and ensure high-quality vendor deliverables, earning 8 CPE credits in the process.
Authoritative Sources
National Institute of Standards and Technology (NIST)
- Comprehensive guidelines on cybersecurity best practices and risk management.
- NIST Cybersecurity Framework
ISACA
- Leading global provider of knowledge, certifications, community, advocacy, and education on information systems assurance and security, enterprise governance, and IT-related risk and compliance.
- ISACA Resources
Gartner
- Trusted insights and advice for leaders in IT, finance, HR, customer service, and support to make the right decisions and stay ahead of change.
- Gartner IT Vendor Management
SANS Institute
- Information security training, certification, and research organization.
- SANS Security Resources
Harvard Business Review (HBR)
- Articles and studies on effective vendor management, risk mitigation, and quality assurance.
- HBR Vendor Management Articles
These resources provide invaluable insights and best practices to help you enhance your organization's approach to supplier relationship management.