Name: Emerging Third-Party Risk Trends Beyond the CISO Office
Start: 2023-03-08T18:00:00Z
End: 2023-03-08T18:59:49.000Z
Location: BrightTALK
Rating: 4

AuditBoard transforms how audit, risk, and compliance professionals manage today’s dynamic risk landscape with a modern, connected platform that engages the front lines, surfaces the risks that matter, and drives better strategic decision-making. More than 40% of the Fortune 500, including 6 of the Fortune 10, leverage AuditBoard to move their businesses forward with greater clarity and agility. AuditBoard is top-rated by customers on G2 and Gartner Peer Insights, and was recently ranked as one of the 100 fastest-growing technology companies in North America by Deloitte. 


Who has access to your company’s data and what risks do they pose to your organization? While these questions seem basic, most organizations cannot confidently answer them, despite an accelerating trend of third-party threats and incidents. Building a robust third-party risk program is complex and takes time. Building a program that allows information security teams to be strategic in managing third-party risks is even more challenging. 

During this session at the recent ISC2 GRC Virtual Summit, we explored how to successfully implement a strategic and technology-enabled third-party risk program to manage this emerging source of risk.

CPE: This is a session recording. Credits are not offered for on-demand viewing by AuditBoard or ISC2.

ISC2 GRC Summit Session - Third-Party Risk: What You Don’t Know CAN Hurt You

For the modern IT risk and compliance team, manual work is quickly becoming the biggest liability in their organization’s GRC program. As compliance requirements and complexity grows, existing evidence collection and controls testing methods are failing to scale with the needs of the business. 

Automation brings the promise of enabling IT risk & compliance teams to escape endless audit cycles and enter a world of proactive risk management. Join this webinar to hear real-world examples of the successes and pitfalls our speakers have witnessed in their automation journey, and learn how automation can help:

- Lower the burden of evidence collection.
- Improve the accuracy and frequency of controls testing. 
- Lay the groundwork for continuous automation. 


CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

The Promise of Automation: Scaling Key Compliance Processes

With 2024 SEC reporting requirements just over the horizon, companies are getting more serious about formalizing their Environmental, Social, and Governance (ESG) programs. To get a read on how mature these efforts are, AuditBoard has surveyed over 100 companies to benchmark how they are tackling ESG internally. In this webinar, we’ll shine a light on this important new area of enterprise risk and share best practices for building an audit-ready ESG program in preparation for the new SEC requirements.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Maturing ESG Program Management

This session will discuss the importance of finding your voice when organizations are experiencing challenging times. Based on her fraud research from her upcoming book Fool Me Once: Scams, Stories and Secrets from the Trillion Dollar Fraud Industry (Harvard Business Review Press March 2023), Dr. Pope will discuss the importance of leaders using their voices to save their organizations from significant fraud losses. She will also discuss preventive strategies that all stakeholders should know to keep their organizations fraud free.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Fool Me Once: An In-Depth Look at Fraud in Today’s Organizations

The proposed SEC rules governing ESG disclosures promise to usher in a new era of regulatory oversight for which many teams are unprepared. They may not know where to start, what compliance with the proposed rules looks like, or even what the ROI of standing up an ESG program might be. This session will cover the specific steps teams can take today, tomorrow, and in the future to prepare for compliance, reduce ESG risk exposure for their organizations, and in the process protect brand equity and stock prices, among other tangible benefits.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

The Business Value of Addressing the Coming SEC Rules on ESG

Over the past few years, additional documentation and testing requirements have been brought up by the auditors regarding IPE (Information Provided by Entity). With the renewed focus on the IPE, this session focuses on identifying different types of IPEs and their associated risks, discussing system considerations for IPE, sharing our experiences in IPE testing, as well as practice of building a consistent IPE process. We will share examples and learnings from the past few years including SOX readiness initiatives.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

IPE – SOX Readiness Considerations

Now more than ever, data analytics and new technology will become more prevalent within organizations. Audit will play a strategic role by utilizing these resources to identify new issues and manage emerging risks. This session will discuss best practices for effectively integrating data analytics into an audit program, and explore future possibilities for leveraging RPA and AI.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Utilizing Technology to Advance Internal Audit in a New Risk Environment

It is no secret that expanding organizational risk profiles, tighter regulations, and rising stakeholder expectations create a demanding assurance landscape for internal audit organizations in the financial services (FinServ) sector. What is frequently overlooked is how traditional audit processes and methodologies limit real-time visibility into risk, hinder agility needed to address changing risk, and mask business-impacting insights. These insights are crucial to advise and partner with the broader organization, and their absence increases the risk of regulatory noncompliance. Join us for this webinar to see how agile auditing provides the flexibility needed to respond and react to the rapid shifts in risk exposure that financial services organizations face.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Transforming With Agile to Combat Financial Services' Heightened Risk Exposure

Like the plot of the popular movie Ron’s Gone Wrong, one bad bot can create a world of havoc for your organization when relying on them for processes and transactions related to Internal Control over Financial Reporting (ICFR). This session will discuss governance frameworks, strategies, and efficient ways of documenting your RPA bot development activities to ensure that your bots keep your operations and compliance program operating efficiently.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

How To Guide Your RPA Program & Manage Compliance With Bots & Citizen Developers

Who has access to your company’s data and what risks do they pose to your organization? While these questions seem basic, most organizations cannot confidently answer them, despite an accelerating trend of third-party threats and incidents. Building a robust third-party risk program is complex and takes time. Building a program that allows information security teams to be strategic in managing third-party risks is even more challenging. During this session, AuditBoard’s Information Security team will guide you through how they successfully transitioned to a strategic and technology-enabled third-party risk program to manage this emerging source of risk.

Taking a Strategic Approach to Your Third-Party Risk Management Program

Sustainability reporting continues to be a fast-evolving area. There has been an uptick in increased regulation over climate-related financial impact and reporting metrics, greenhouse gas emissions and other disclosure requirements that companies report on. Given that at present there aren’t standardized requirements imposed by the SEC, how can internal audit support their companies in their readiness journey and be better prepared to be in compliance with new guidelines? 

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Internal Audit and ESG Sustainability Reporting

IT security doesn't have to be scary. You can do many controls-based reviews without deep expertise. In this session, you will come along on a real-life journey of how Virginia Tech's internal audit team uses several common IT security frameworks to conduct a basic and intermediate-level security controls review of endpoints, servers, and applications. We will focus on the practical and share the pitfalls we've learned along the way with the goal of providing as many resources as possible to help ensure your success.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Using a Framework to Guide an IT Security Review

Digital transformation — largely accelerated by the 2020’s shift to remote work models — altered business operations from a visible set of centrally managed technology assets to a highly distributed, often opaque set of digitally-enabled processes, products, and services. Traditional InfoSec approaches have become fragmented, labor-intensive, and largely insulated from the business at large, an AuditBoard flash poll of information security professionals. 

Watch this webinar from the recent ISACA Virtual Summit, "Building an Effective Risk Management Program" to explore the key security trends driving a new way of managing security operations better suited for the digital age.

CPE: This is a session recording. Credits are not offered for on-demand viewing by AuditBoard or ISACA.

ISACA Virtual Summit Session: Managing Security in the Digital Age

There’s no question that frameworks need to stay relevant with current and emerging threats so organizations can conduct assessments as efficiently as possible and provide practical, yet meaningful, assurances to stakeholders. NIST CSF is a strong base because it’s so practical — so how can companies leverage it to its fullest potential? This session will explore how organizations can get the most value from NIST, including best practices for reporting to the board and investors.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Leveraging NIST to Its Fullest Potential

Cyber breaches and resulting costs reached all-time highs in 2022, with an over 42% global increase in attacks. Organizations want to better prepare for and defend against cyber attacks, but they’re not getting the information they need to do it. Despite the lack of a federal mandate for open disclosure of data breaches and other cyber attacks, the U.S. government is working on solutions. The Cybersecurity & Infrastructure Security Agency (CISA), Cyber Safety Review Board (CSRB), Securities and Exchange Commission (SEC), and Senate are each working to establish guidance and disclosure protocols for preventing and responding to cybersecurity incidents. The Senate’s proposed Securing Open-Source Software Act of 2022 (SOSSA) is a step in the right direction, but the legislation doesn’t go far enough. During this session, John Wheeler will offer context, break down the legislation and its limitations, and share insights on what’s coming in 2023.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Cybersecurity Disclosures: What’s Coming in 2023

Researchers recently debuted ChatGPT, a prototype conversational AI chatbot that can sometimes appear to be human. This means added complexity for security professionals, since many security tools use attackers' poor command of English to detect and block phishing attacks. Can we expect criminals to soon use tools such as ChatGPT to write lures that seem to have been crafted by a native speaker? Is AI a friend or foe to security? During this panel discussion, a group of security professionals will share their viewpoints on AI and how they see  it impacting the future.

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Artificial Intelligence, Friend or Foe?

Enterprise sized challenges require the best minds to tackle them. Watch our experts dive into a walkthrough of the AuditBoard CrossComply product.

By attending this session, you will learn:
- How to navigate our platform and improve company compliance
- How to streamline framework communication for a faster, easier experience
- How to create tasks and reporting to easily collaborate across departments

AuditBoard CrossComply Live Demo

Cybersecurity is one of the most critical issues facing information security and risk management professionals. But, are your systems up to the challenge and are you in compliance with rules being enforced in the US and abroad? The European Union’s General Data Protection Regulation changed the way many companies manage data privacy. California has taken the lead in the states, but will your company be ready if a uniform data security law arises in the US or if more states implement their own rules?

This webinar will delve into how companies should approach compliance management and what processes, assets and risks should be assessed. Attendees will leave the session with a clear picture of what cybersecurity compliance means and why it is vital for companies of all sizes to have a cybersecurity compliance program.

Cybersecurity: Are you in compliance?

Management and boards are pushing to do more with less and as a result are turning to third parties to stay competitive. This strategy, however, comes with risk. Third parties introduce a host of risks including cyber, privacy, resiliency, digital, brand, and regulatory. Leading organizations must be able to transform uncertainty into confidence by developing trust with third parties. To holistically manage third-party risks, it is critical to establish foundational components of a TPRM program and embed TPRM activities throughout the third-party management lifecycle. Learn how organizations are operationalizing their third-party risk programs leveraging a data-driven approach and emerging capabilities. 

CPE: This is a webinar recording. Credits are not offered for on-demand viewing.

Emerging Third-Party Risk Trends Beyond the CISO Office

third-party risk

Risk Management

Risk Mitigation

Risk Framework

Compliance

vendor risk

Information Risk

tprm

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Research and Development

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

Effective financial management strategies can help organizations meet their business objectives. The financial management community on BrightTALK is made up of engaged finance and accounting professionals. Find relevant webinars and roundtable discussions featuring financial planning advice from industry thought leaders and insights into optimizing financial reporting, accounting, risk management and value measurement.

Financial Regulation

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Emerging Third-Party Risk Trends Beyond the CISO Office

Presented by

About this talk

More from this channel