TPRM: Third-Party Risk Management Fast-Track Bootcamp
We don't have any bootcamps scheduled at the moment.
Third-Party Risk Management (TPRM) is critical in today’s interconnected business ecosystem. This fast-track bootcamp provides professionals with practical knowledge of TPRM fundamentals, risk concepts, vendor lifecycle management, and regulatory alignment. Participants will learn to manage third-party risks effectively while enabling business operations and compliance.
Kavitha
17+ Years of Experience
Kavitha is an accomplished IT Security Manager with over 17 years in IT, including 8+ years in Information Security auditing and governance. She specializes in compliance audits, IT governance, and risk management. A certified CISM and ISO 27001:2022 Lead Auditor, Kavitha brings hands-on experience in aligning IT security initiatives with organizational objectives.
Module 1: Introduction to Third-Party Risk Management
- What is Third-Party Risk Management (TPRM)?
- Scope of TPRM across the vendor lifecycle
- Why TPRM is critical in today’s risk and regulatory landscape
Module 2: Procurement, Vendor Management & TPRM – Clear Boundaries
- Procurement vs Vendor Management vs TPRM
- How these functions work together
- Clear ownership, responsibilities, and outcomes
- Avoiding role overlap and governance gaps
Module 3: Why TPRM Matters Today & Organizational Ownership
- Growing third-party ecosystems and outsourcing risks
- Regulatory and customer expectations
- Shared ownership model for effective TPRM
- Enabling business without slowing it down
Module 4: Risk Fundamentals for TPRM
- What is risk and how it impacts organizations
- Risk appetite and organizational tolerance
- Inherent risk vs residual risk
- Importance of residual risk in TPRM decision-making
Module 5: Risk Appetite & Its Impact on TPRM Decisions
- Risk-based vendor selection and onboarding
- Depth of due diligence and monitoring
- Risk escalation thresholds and reporting
- Contractual and control implications
Module 6: TPRM Alignment with Industry Frameworks
- Aligning TPRM with ISO/IEC 27001:2022
- SOC 2 Trust Services Criteria and vendor risk
- Governance, accountability, and evidence-based oversight
- Positioning TPRM as a governance enabler
Module 7: TPRM Fundamentals & Scope
- Core fundamentals of a TPRM program
- Scope of third parties (technology & non-technology)
- Inclusion of vendors, partners, consultants, and contractors
Module 8: TPRM Roles, Responsibilities & Governance
- Roles of TPRM teams, leadership, and business units
- Collaboration with InfoSec, Legal, Procurement, Audit
- Shared accountability across the organization
Module 9: Third-Party Categorization & Vendor Classification
- Identifying and classifying third parties
- Risk levels, criticality, and strategic importance
- Why categorization is foundational to effective TPRM
- Risk-based prioritization and resource allocation
Module 10: Current Challenges in TPRM Programs
- Governance and standardization gaps
- Manual and inefficient assessments
- Limited visibility and weak ongoing monitoring
- Regulatory pressure and vendor fatigue
Module 11: Roadmap to Becoming a TPRM Professional
- Skills, knowledge areas, and career progression
- Understanding how to grow in TPRM roles
- Positioning yourself in governance, risk, and compliance domains
Module 12: Knowledge Check & Wrap-Up
- Quiz and interactive discussion
- Key takeaways from the bootcamp
- Closing notes and next steps