How to Use NIST for Third-Party Risk Management

PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For GRCP holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG site and will count toward GRCP CPE requirements only.

Many organizations have standardized their internal information security controls and reporting on the National Institute of Standards and Technology (NIST) cybersecurity framework because of its direct mapping to multiple regulatory requirements. But is it possible to use NIST to also manage the growing concern of third-party and supply chain risks?

This webinar, delivered by compliance expert Thomas Humphreys, will dissect the NIST cybersecurity framework and explain how it can be used to identify and mitigate risks in your supplier ecosystem.

Learning Objectives:

• Discuss the basics of how to use the NIST framework for third-party risk management, including what NIST covers (and doesn’t)

• Review recent changes to the NIST framework and how those changes apply to third-party risk assessments

• Identify important updates you will need to make to your TPRM program in order to be in compliance with NIST

Speaker:

Thomas Humphreys, Content Manager, Prevalent

Related Resources