Hi [[ session.user.profile.firstName ]]

Do grades matter? A lesson on SecurityScorecard + IT Vendor Risk

Grades are familiar to us. They’re a useful referencing tool. Remember how nervous you were in high school when your final grades came in? Why not apply this methodology to performing easy-to-understand comparisons among your portfolio of vendors?

This got me thinking about the importance of a grading system and the impact on the growing trend in businesses becoming more reliant on working with your third party vendors.

That's why SAI Global teamed up with SecurityScorecard and to share with you our combined automated assessment and risk scoring platform during a powerful webinar on Tuesday, March 13 at 2:00pm EST.

Enroll now to accelerate your current Vendor Risk Management program or if you’re tired of manually entering data into spreadsheets.
Recorded Mar 13 2018 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Carlos Souza, Director Product Management, SAI Global and Alex Heid, Chief Research Officer, SecurityScorecard
Presentation preview: Do grades matter? A lesson on SecurityScorecard + IT Vendor Risk

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How to Thrive When Your Vendors Aren't Oct 10 2018 6:00 pm UTC 75 mins
    James S. DeGraw, Partner, Ropes & Gray LLP (Corporate Technology Group)
    It’s likely you’ve been wondering if you’ve got the right vendor risk management program in place. The fact is if your vendors breached your company data, you’re liable, and your program is lethal.

    Many factors go into understanding the risk of doing business with your vendors—where will your company’s data be physically located and how access to it will be managed, what’s in your vendor’s previous audits and what does their cyber strategy look like.

    But one thing is certain: When your vendors are at risk, your business is at risk, impacting your entire organization’s ecosystem along with long-lasting legal consequences.

    Over the next few months, we’ll be taking a fresh perspective on vendor risk management that’s perfectly geared for you wherever you are in the VRM lifecycle.

    Our first event is a game-changer. A live webinar on Wednesday, October 10 at 2:00pm EDT featuring Jim DeGraw, a partner in Ropes & Gray’s corporate technology group. DeGraw advised Target on data compliance and handling issues stemming from the data security breach that Target announced in 2013. He regularly provides data incident crisis management counseling, leads investigations into potential data breach events, advises clients on establishing and conducting assessments of information security and data handling governance programs.

    DeGraw will walk you through the disruption and evolution of VRM: regulatory, demographic, technological, current events, and the role digital and the global economy play in these vendor risk changes.

    Find out how you can thrive when your vendors aren’t.
  • Norman Marks on Assessing the Effectiveness of Risk Management Recorded: Sep 25 2018 60 mins
    Norman Marks, CPA, CRMA, Author, Evangelist and Mentor
    How are you measuring the effectiveness of your risk management program? Assessment strategies over the past few years have become increasingly more sophisticated, information-intensive and complex. Norman Marks makes it straightforward.

    Our monthly educational discussion series continues with Norman Marks on Tuesday, September 25 at 2:00pm EDT. Marks will dive into the specifics of setting the right strategies and objectives to deliver value considering what might happen (risk), understanding how the achievement of objectives may be affected by events and situations as management and staff execute those strategies, and much more.

    Make and bold move and grab your seat today. Straightforward is a good tale to hear.
  • Norman Marks on the Convergence of Compliance and Risk Recorded: Aug 14 2018 59 mins
    Norman Marks, CPA, CRMA, Author, Evangelist and Mentor
    The ‘Yield’ road sign is a great example of the intersection of compliance and risk. The universal requirement for ‘Yield’ or ‘Give-way’ is defined as the following:

    The requirement that a driver shall “give way” to other vehicles means that he must not continue or resume his advance or maneuver if by so doing he might compel the drivers of other vehicles to change the direction or speed of their vehicle abruptly.

    Individuals are left to their own interpretation of this definition, from performing a prolonged stop to accelerating at the sign. Enforcement is difficult. And so it is with the numerous ways that Compliance and Risk must coordinate and collaborate within your organization.

    Norman Marks is a firm believer in taking a risk management approach to the business objective of operating in compliance with both laws and regulations and society’s expectations, even when they aren’t reflected in laws and regulations.

    Share your thoughts with Marks on a live webinar, August 14 at 2:00pm EDT when he’ll discuss his point of view about the practical application of the concept of risk appetite and its impact on influencing the day-to-day taking of risk.
  • Communicating Risk Within a Distributed IT Ecosystem Recorded: Jul 18 2018 64 mins
    Timothy Sellnow, Ph.D. and Deanna Sellnow, Ph.D., Professors, University of Central Florida, Strategic Communication
    You’re about to experience the ultimate guide to communicating risk. Wisk away your biases (admit it… we all have them), forego over-complicated explanations and sidestep the temptation to email risk-related issues to your colleagues.

    You’ll discover how you can intelligently improve your thinking about risk and communicating risk concerns from a science-based risk communication model on a live webcast July 18 at 2:00pm EDT.

    Timothy Sellnow, Ph.D. and Deanna Sellnow, Ph.D., are Professors at the University of Central Florida, Nicholson School of Communication, whose primary research and teaching focuses on strategic communication for risk management and mitigation. Tim and Deanna will share with you their best practice framework model for effective instructional risk and crisis communication during this informational session.

    Stake your claim to the ultimate guide. Despite risk’s wretched reputation, you’ll be glad you did.
  • The Mindset of Risky Business in the World of Finance Recorded: Jun 25 2018 61 mins
    Hersh F. Shefrin, Ph.D., Economist and Pioneer of Behavioral Finance
    Nobody likes to talk about it. It makes people feel…uncomfortable. I’m talking about the human side of risk.

    The way we think, act on and communicate about risk, plays a major part on how we would manage a cyber breach for instance. Consider Facebook, Equifax, Target, Uber and so on. And no one is better positioned to influence the outcomes on security and risk management than you.

    We’re not talking about making a sweeping cultural change enterprise-wide. You can make a slight change in your thinking about risk that just might help you avoid your next data breach or better communicate a phishing scam.

    Our first in a webinar series tackles the mindset that all of us inherently possess around risk and its impact on information security issues. The workshop kicks off on June 25 at 2pm EDT featuring Hersh Shefrin, one of the pioneers of behavioral finance. Shefrin holds the Mario L. Belotti Chair in the Department of Finance at the Leavey School of Business at Santa Clara University and has published scholarly articles in the Journal of Finance, Journal of Financial Economics and Review of Financial Studies.

    Don’t worry…you don’t have to slip into your Birkenstock’s for this. Just sign up and listen.
  • Norman Marks on IT Risk Recorded: Jun 5 2018 62 mins
    Norman Marks, CPA, CRMA, Author, Evangelist and Mentor and Noah Gottesman, Senior Director Risk Advisory Services, SAI Global
    Technology is no longer the exclusive domain of the IT department. Norman Marks thinks we should be talking about technology as a source of risk rather than just IT. What do you think?

    Share your thoughts with Marks on a live webinar, June 5 at 2:00pm EDT, when he’ll discuss his point of view that IT is more than just a department. It’s made up of people, processes and addresses risks that typically arise from failings in those processes through the operation of IT general controls (ITGC).

    From audit risks to cyber risks, Marks will help you understand that it may be necessary to take more risks than you might be comfortable with.

    Find out more during this special webinar, June 5 at 2:00pm EDT.
  • Norman Marks on the Three Lines of Defense Recorded: May 15 2018 57 mins
    Norman Marks, Governance, Risk Management and IT Audit expert and Noah Gottesman, Senior Risk Advisor, SAI Global
    Are you frustrated by the existing incentives attributed to the three lines of defense where the first line is typically rewarded for taking risk, but not managing it? Learn what Norman Marks has to say about this and more in a lively conversation on Tuesday, May 15 at 2:00pm EDT. Marks will be joined by Noah Gottesman, Senior Risk Advisor at SAI Global.

    Norman is a practitioner and thought leader in internal audit, risk management, and governance for over 40 years and will help to understand how to maneuver the complexities of the three lines of defense risk framework to achieve a clear and open line of communication and coordination between business, risk and compliance and audit.

    Whether you view the model as perfect or frustrating, register today for this informative webinar.
  • Put your SOX on…GDPR could be a bumpy ride Recorded: Apr 17 2018 63 mins
    Dan Felz, Associate, Alston & Bird’s Litigation & Trial Practice Group and Noah Gottesman, Senior Risk Advisor, SAI Global
    Remember when Sarbanes-Oxley hit in 2002? Most companies were scrambling to document, manipulate and merge piles of spreadsheets and Word documents to achieve compliance with this new law.

    Now we have GDPR. You may be feeling a rush of fear when you hear or see the acronym, but if you think of GDPR as the continuation and evolution of information security best practices, it won’t seem like such a scary ride.

    We’ll help you do just that during our live webinar on April 17 at 2:00pm EDT featuring data and privacy attorney Dan Felz. Dan is an associate in the Alston & Bird’s Litigation & Trial Practice Group and will be sharing with you his observations on what’s happening now beyond GDPR policies, contracts and check lists.

    Take your SOX off--failure to appear isn’t an option.
  • The Modern CISO Project: CISO Panel Webinar Recorded: Apr 4 2018 67 mins
    Gerald Beuchelt, LogMeIn; Jackson Muhirwe, UC Davis; Richard Rushing, Motorola Mobility; Frank Aiello, The American Red Cross
    Part computer geek, investigative analyst and law enforcement. These high level competencies seem to define the role of the CISO in 2018.

    Since the title’s origin 23 years ago, CISOs have now become vital to helping guard the safety of an organization in a world of ever increasing and potent security threats. However, in recent years, CISOs have also become critical business enablers as well, providing effective lines of communication and appropriately addressing risks and security needs to board members.

    The CISO of today must understand the technical side of cyber security, in addition to enterprise risk management and how both disciplines impact an organization’s ability to successfully drive business forward. Join our panel as we discuss the current state of the CISO as well as what the future holds for the CISOs of tomorrow.
  • Do grades matter? A lesson on SecurityScorecard + IT Vendor Risk Recorded: Mar 13 2018 62 mins
    Carlos Souza, Director Product Management, SAI Global and Alex Heid, Chief Research Officer, SecurityScorecard
    Grades are familiar to us. They’re a useful referencing tool. Remember how nervous you were in high school when your final grades came in? Why not apply this methodology to performing easy-to-understand comparisons among your portfolio of vendors?

    This got me thinking about the importance of a grading system and the impact on the growing trend in businesses becoming more reliant on working with your third party vendors.

    That's why SAI Global teamed up with SecurityScorecard and to share with you our combined automated assessment and risk scoring platform during a powerful webinar on Tuesday, March 13 at 2:00pm EST.

    Enroll now to accelerate your current Vendor Risk Management program or if you’re tired of manually entering data into spreadsheets.
  • LIVE: GDPR Compliance Product Demo Part 1 Recorded: Mar 6 2018 39 mins
    Bruno Araujo, Global Solutions Engineer for IT GRC & Digital Risk
    You're not alone. The GDPR is a complex regulation to understand. One way to help you maneuver through the details is to sample our software in a highly engaging product demo on March 6 at 2:00pm EST. You'll see for yourself how our holistic solution is more than just helping you operationalize DPAI.
  • Technology Secrets to Complying with the GDPR Recorded: Feb 22 2018 61 mins
    John Ambra, Vice President Risk Product Strategy, SAI Global and Anton Merk, Director Presales, SAI Global
    It’s no secret that we’re on the heels of the deadline to comply with the General Data Protection Regulation (GDPR)—May 25, 2018. And to help you meet the specific criteria, we’ve built a complete technology platform that’s designed to help you become GDPR compliant.

    So save a seat for our latest GDPR webinar on February 22 at 2:00pm EST and up your understanding of a comprehensive solution that will guide you towards compliance.
  • A Whale of a Breach: Equifax's Complete Compliance Cataclysm Recorded: Dec 12 2017 55 mins
    Noah Gottesman, Senior Risk Advisor, SAI Global
    Join us for a special webinar on Thursday, December 12, 2017 at 2:00pm EST as Noah Gottesman, Senior Risk Advisor at SAI Global, explores Equifax's corporate governance policies, communication plans, technology systems and more that contributed to a whale of a breach.
  • DFARS Cyber Compliance: A Legal Perspective Recorded: Oct 11 2017 54 mins
    Ashden Fein and Susan Cassidy
    Ashden Fein, key prosecutor in the Bradley Manning Wikileaks case and Susan Cassidy, legal advisor on contractor cybersecurity requirements will address the cybersecurity compliance obligations imposed on government contractors by the Department of Defense and legal implications for non-compliance.
  • Mind the Gap: Are you sure you’re DFARS compliant? Recorded: Sep 20 2017 28 mins
    SAI Global Team
    Getting compliant with DFARS is more complicated than you think. You may have gaps in your critical cyber security controls against NIST 800-171 that you don’t even know about.
  • Don’t let the DOD get you down—get compliant with DFARS Recorded: Aug 30 2017 49 mins
    Mike Ashe, IT GRC Senior Pre-Sales Consultant, SAI Global
    This webinar will help you understand what DFARS 252.204-7012 is, why NIST 800-171 and not NIST 800-53, how to close the gap on Controlled Unclassified Information (CUI) protection and how to identify the need for DFARS (NIST 800-171) compliance,
  • Digital Manager 360 - What's New? Recorded: Jul 8 2017 4 mins
    Kathleen Oliveira, Senior Technical Writer, IT GRC
    Introducing Digital Manager 360.

    Formerly known as IT Risk Manager, this video highlights the newest features, capabilities and look of SAI Global's Digital Manager 360.
  • Customer Case: Aflac capitalizes on technology GRC revamp Recorded: Jun 20 2017 60 mins
    Tim Callahan, SVP, Global Chief Security Officer at Aflac & Portia Mills, Marketing -- Risk Segment at SAI Global
    When Aflac’s global security team set out to revamp their technology governance, risk and compliance (GRC) processes, they embraced the opportunity to create an even stronger program through automation. Aflac needed greater visibility into technology GRC activities, as well as a single platform to improve document management and act as a central source of the truth accessible to all stakeholders. IT Risk Manager was selected and implemented to improve transparency and accountability. It helped the Aflac global security team save on time and resources for a more intelligent approach to risk management.
  • From Spreadsheets To Software: The Intelligent Way to Manage Third Party Risk Recorded: Jun 2 2017 46 mins
    John Ambra, VP Risk Product Strategy
    Business risks keep multiplying. If your risk management systems can’t keep up, your enterprise will bear the consequences.

    Risk management has always been complex, but that complexity is growing at an unprecedented rate due to the sheer size and intricacy of global supply chains, as well as corrupt business practices and the increasing number of cyber threats. Extended or third-party business relationships expose an organization to a number of risks including security, legal and operational risks, and many businesses are completely unaware of the potential impact.
  • Managing your IT GRC programme: Third Party Risk Recorded: May 23 2017 54 mins
    Simon Wilkes, Senior IT Governance Consultant
    This session will focus on:
    1)How to simplify your vendor risk management program to help lower your exposure to fiscal, operational and regulatory risk from your extended enterprise,
    2) Providing practical examples of how to automate your IT Vendor Management using the IT Risk Manager platform,
    3) Demonstrate how to perform vendor risk assessments more efficiently, assess more vendors against more controls and automate vendor due diligence and on-boarding to safeguard your organisation.
SAI Global
The SAI Global channel features presentations with Integrated Risk Management thought leaders, customers, analysts and leading solution experts. Our IRM solutions are a combination of leading capabilities, services and advisory offerings that operate across the entire risk lifecycle allowing businesses to focus elsewhere. Together, these tools and knowledge enable clients to develop a holistic, integrated view of risk.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Do grades matter? A lesson on SecurityScorecard + IT Vendor Risk
  • Live at: Mar 13 2018 6:00 pm
  • Presented by: Carlos Souza, Director Product Management, SAI Global and Alex Heid, Chief Research Officer, SecurityScorecard
  • From:
Your email has been sent.
or close