News Feed

Outsourced Third Party Relationship Management: What You Need for a Compliant Program

February 20th, 2018 9:00 AM – 3:00 PM

REGISTER NOW!

Outsourced Third Party Relationship Management: What You Need for a Compliant Program
February 20, 2018
9:00 am – 3:00 pm

Session Overview
The regulators have raised the bar for your Outsourced Third Party Relationship Management Program (Vendor Management) in recent years. Requirements are more stringent and expectations are high. Financial institution reliance on outsourced services continues to increase and the regulators are concerned that your internal procedures and risk management process may not be keeping pace with the level of risk and complexity of those relationships.

Risk management of your outsourced third parties is a key element of your overall information and cyber security program and a hot topic for examinations. Outsourcing places confidential customer information in someone else's hands along with control for the security of that information, but you still retain the responsibility for ensuring the integrity, confidentiality, and security of the information. In fact the regulators have stated that “a community bank should adopt risk management practices commensurate with the level of risk and complexity of its third-party relationships and the board and senior management should identify those third party relationships that involve critical activities and ensure the bank has risk management practices in place to assess, monitor, and manage the risks. The risk management process must remain in effective throughout the life cycle of the relationship.

Some of the key areas of the risk management program, which will be covered in the seminar, include:

  • Planning to ensure the relationship aligns with the bank’s strategy
  • Identification of the risk associated
  • Performing due diligence in selecting a third party
  • Proper contracts
  • Ongoing monitoring of the activities and performance of the third party
  • Establishing roles and responsibilities that encompass the life cycle
  • Performing independent reviews of the risk management process

While you need to trust your third parties, the trust can't be blind. Therefore, you must establish a risk management program that includes rules, guidelines, and performance measurement criteria. Just as you run your business with best practices in mind, your outsourced partners should do the same. The outsourcing environment is also undergoing changes with the arrival of "cloud computing", which makes due diligence even more critical. But don't forget about what happens after the contract is signed; due diligence is only part of the equation. Continuing to oversee and monitor that relationship and ensuring performance standards and security requirements are adhered to is also critical.

Session Agenda
8:30 am to 9:00 am - Signing in, networking, light breakfast
9:00 am to 3:00 pm - Training (Lunch is Provided)

About Your Speaker
Susan Orr
President, Susan Orr Consulting, LTD.

Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.
 
As an auditor and consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices.  Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. 

She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates.  Susan is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).

Session Fees
$290 for credit unions with >$50M in assets
$145 for credit unions with <$50M in assets
$72.50 for credit unions with <$10M in assets

Tuition Reimbursement
Maryland and D.C.-based credit unions with up to $150 million in assets may be eligible for up to 75% educational reimbursement from the Credit Union Foundation of MD & DC.

MD | DC Credit Union Association
8975 Guilford Road
Suite 190
Columbia, MD 21046-21046

Event Info

When

February 20th, 2018 9:00 AM – 3:00 PM

Where

MD | DC Credit Union Association
8975 Guilford Road
Suite 190
Columbia, MD 21046-21046

Contact

Phone: 443-325-0772
Email:

Submit Content

Upcoming Events