BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//GRC 20/20 Research, LLC - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:GRC 20/20 Research, LLC
X-ORIGINAL-URL:https://www.grc2020.com
X-WR-CALDESC:Events for GRC 20/20 Research, LLC
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:Europe/London
BEGIN:DAYLIGHT
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
TZNAME:BST
DTSTART:20220327T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
TZNAME:GMT
DTSTART:20221030T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
TZNAME:BST
DTSTART:20230326T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
TZNAME:GMT
DTSTART:20231029T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
TZNAME:BST
DTSTART:20240331T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
TZNAME:GMT
DTSTART:20241027T010000
END:STANDARD
END:VTIMEZONE
BEGIN:VTIMEZONE
TZID:Europe/Amsterdam
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20220327T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20221030T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20230326T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20231029T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20240331T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20241027T010000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Europe/London:20230925T100000
DTEND;TZID=Europe/London:20230925T170000
DTSTAMP:20260504T192428
CREATED:20230809T184006Z
LAST-MODIFIED:20230809T184010Z
UID:10002502-1695636000-1695661200@www.grc2020.com
SUMMARY:Third-Party Risk Management by Design Workshop\, London
DESCRIPTION:REGISTER\n\n\n\n\nThe structures and realities of business today have changed. Traditional brick-and-mortar business is outdated: physical buildings and conventional employees no longer define the organization. The modern organization is an interconnected web of relationships\, interactions\, and transactions that span traditional business boundaries. Layers of relationships go beyond traditional employees to include suppliers\, vendors\, outsourcers\, service providers\, contractors\, subcontractors\, consultants\, temporary workers\, agents\, brokers\, dealers\, intermediaries\, partners\, and more. Complexity grows as these interconnected relationships\, processes\, transactions\, and systems nest themselves in intricacies\, such as deep supply chains and subcontracting relationships. Roaming the hallways of an organization means crossing paths with contractors\, consultants\, temporary workers\, and more. Business today relies and thrives on third-party relationships; this is the extended enterprise.  \n\n\n\nIn this context\, organizations struggle to govern their third-party relationships and too often manage risk and compliance within those relationships in silos that fail to see the big picture of risk exposure and the impact on the relationship’s objectives. Risk and compliance challenges do not stop at organizational boundaries. This is particularly true in this new era of ESG in the extended enterprise. An organization can face reputational and economic disaster by establishing or maintaining the wrong business relationships or allowing good business relationships to sour because of weak risk governance. Third-party problems are the organization’s problems and directly impact the brand and reputation\, increasing exposure to risk and compliance matters. When questions of delivery\, business practice\, ethics\, privacy\, safety\, quality\, human rights\, resiliency\, corruption\, security\, and the environment arise\, the organization is held accountable\, and it must ensure that third-party partners behave appropriately.  \n\n\n\nDissociated data\, systems\, processes\, and a myopic risk vision leaves the organization with fragments of the truth that fail to see the big picture of third-party performance\, risk\, and compliance across the enterprise and how it supports its strategy and objectives. The organization needs to have holistic visibility and situational awareness of third-party risk across the enterprise. The complexity of business\, intricacy\, and interconnectedness of third-party risk data requires that the organization implement a third-party risk management strategy.  \n\n\n\nThis workshop aims to provide a blueprint for attendees on effective third-party risk management in a dynamic business\, regulatory\, ESG\, and risk environment. Attendees will learn third-party risk management strategies and processes that can be applied across the organization at either an enterprise or a department level. Learning is done through lectures\, collaboration with peers\, and workshop tasks. \n\n\n\nObjectives of workshop:\n\n\n\nAttendees will take back to their organization approaches to address: \n\n\n\n\nEffectively managing due diligence and third-party risk.\n\n\n\nUnderstand the challenges and pitfalls of managing third-party risk\n\n\n\nAchieve success capitalizing on third-party relationships while maintaining compliance\n\n\n\nFacilitate ongoing monitoring of third-party partners.\n\n\n\nDefine a third party management lifecycle for managing and monitoring third party relationships\n\n\n\nEstablish third party management ownership and accountability\n\n\n\nProvide third party management process consistency\n\n\n\nCommunicate effectively with third parties on matters of risk and compliance\n\n\n\nTrack critical workflow and tasks internally and with third party relationships\n\n\n\nDeliver effective third party governance and assurance to the board of directors\, regulators\, and stakeholders\n\n\n\nMonitor metrics to establish effectiveness or third party management\n\n\n\nIdentify and resolve issues with third parties\n\n\n\nMap third party relationships to objectives\, risks\, controls\, issues\, and other GRC areas\n\n\n\n\nBenefits to attendees:\n\n\n\n\nUnderstand a top-down as well as a bottom-up approach to third party management\n\n\n\nImplement third party management in the context of business strategy\, process\, and operations\n\n\n\nExplore third party management architecture models and how they apply to your organization\n\n\n\nDiscover various third party assessment and monitoring techniques and how they apply to your business\n\n\n\nDevelop an third party information architecture that aligns with business operations and processes\n\n\n\nEffectively communicate and gather attestation on third parties across your organizations\n\n\n\n\nWho should attend?\n\n\n\n\nProcurement Professionals\n\n\n\nSupply Chain Professionals\n\n\n\nEthics & Compliance Professionals\n\n\n\nRisk Management Professionals\n\n\n\nIT Security Professionals\n\n\n\nLegal Professionals\n\n\n\nEnvironmental\, Health & Safety Professionals\n\n\n\nCorporate Social Responsibility & Accountability Professionals\n\n\n\nIndividuals with third party management\, ownership\, or oversight responsibilities\n\n\n\n\nAgenda:\n\n\n\nPart 1: Third Party Management by Design\n\n\n\nWhy Third Party Management Matters\n\n\n\n\nThird Parties in Disarray: how organizations mismanage third parties\n\n\n\nThird Party Exposure: how mismanaged third parties expose the organization to risk\n\n\n\nCurrent drivers & trends pressuring organizations in third party management\n\n\n\nDifferent ways organizations approach third party management\n\n\n\nWhat Effective Third Party Management Achieves: third party management’s role in governance\, risk management\, and compliance\n\n\n\n\nPart 2: Third Party Governance\n\n\n\nBlueprint for Effective Third Party Management\n\n\n\n\nThird Party Governance Committee: bringing together the range of third party management roles and responsibilities in the organization\n\n\n\nThird Party Management Charter: defining a structure to govern third party relationships\n\n\n\nHow to Develop a Third Party Management Strategic Plan\n\n\n\n\nPart 3: Third Party Management Lifecycle\n\n\n\nManaging Third Parties from Onboard to Offboarding\n\n\n\n\nThird party identification & onboarding\n\n\n\nOngoing context monitoring\n\n\n\nThird party communications & attestations\n\n\n\nThird party monitoring & assessment\n\n\n\nThird party forms & approvals\n\n\n\nThird party metrics & reporting\n\n\n\nThird party re-evaluation and offboarding\n\n\n\n\nPart 4: Third Party Management Architecture\n\n\n\nEnabling Information & Technology Management of Third Party Relationships\n\n\n\n\nThird Party Management Information Architecture: Blueprint for Managing Third Party Content and Related Data\n\nTypes of third party management information and how it integrates into third party processes\n\n\n\nComponents and requirements for a third party information architecture\n\n\n\n\n\nThird Party Management Technology Architecture: Blueprint for Enabling Third Party Management Processes with Technology\n\nKinds of third party management technologies and what best serves the organization\n\n\n\nCapabilities and requirements of third party management platforms\n\n\n\n\n\nThird Party Management Business Case: Articulating the Value of Effective Third Party Management\n\nDefining a business case and value of third party management platforms\n\n\n\n\n\n\n \n\n\n\nGRC 20/20 Instructor\n\n\n\nMichael Rasmussen\n\n\n\nGRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research\, Michael Rasmussen is an internationally recognized pundit on governance\, risk management\, and compliance (GRC) – with specific expertise on the topics of GRC strategy\, process\, information\, and technology architectures and solutions. With 30+ years of experience\, Michael helps organizations improve GRC processes\, design and implement GRC architectures and select solutions that are effective\, efficient\, and agile. He is a sought-after keynote speaker\, author\, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research\, Inc. \n\n\n\nRoadshow Host\n\n\n\n\n\n\n\nCoreStream is a firm specialising in the delivery of technology solutions to help our clients improve operational effectiveness\, manage risk and streamline workflow processes. Alongside our core service delivering bespoke software solutions\, we also offer a range of ‘off-the-shelf’ solutions addressing common customer requirements. This enables our clients to benefit from rich functionality at a fraction of the cost were it to be developed from scratch. Our flagship product is a Governance\, Risk and Compliance (GRC) solution\, which provides a single platform for organisations to manage policies\, risks and controls\, demonstrate compliance and gain immediate visibility into performance. \n\n\n\n \nShare this:\n				Email a link to a friend (Opens in new window)\n				Email\n			\n				Print (Opens in new window)\n				Print\n			\n				Share on LinkedIn (Opens in new window)\n				LinkedIn\n			\n				Share on X (Opens in new window)\n				X\n			\n				Share on Facebook (Opens in new window)\n				Facebook
URL:https://www.grc2020.com/event/third-party-risk-management-by-design-workshop-london-2/
CATEGORIES:20/20 Workshops
ATTACH;FMTTYPE=image/png:https://www.grc2020.com/wp-content/uploads/2023/08/Screenshot-2023-08-09-at-1.30.30-PM.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=Europe/Amsterdam:20230926T123000
DTEND;TZID=Europe/Amsterdam:20230926T193000
DTSTAMP:20260504T192428
CREATED:20230809T212726Z
LAST-MODIFIED:20230831T134531Z
UID:10002506-1695731400-1695756600@www.grc2020.com
SUMMARY:Designing GRC programs to Manage Risk\, Regulatory Compliance\, Third-party\, and Digital Operational Resilience Requirements 
DESCRIPTION:REGISTER\n\n\n\n\nDesigning GRC programs to Manage Risk\, Regulatory Compliance\, Third-party\, and Digital Operational Resilience Requirements\n\n\n\nJoin us for a complimentary\, timely\, and informative in-person roundtable and networking event on September 26th in Amsterdam focused on the latest regulatory developments in the EU\, including the Digital Operational Resilience Act (DORA)\, the AI Act\, the Corporate Sustainability Reporting Directive (CSDR)\, and the German Supply Chain Due Diligence Act\, as well as the latest developments in enterprise and operational riskand third-party management requirements. As companies across industries strive to navigate new and complex regulatory requirements and emerging risks\, it becomes crucial to stay informed about the current landscape and aligning the GRC program accordingly. \n\n\n\nThe session\, featuring GRC Pundit Michael Rasmussen\, will dive into the current and upcoming regulations in Europe and the pressing concerns of organizations. We will explore key GRC trends and developments and share valuable insights and strategies to help you stay on top of the changing risk and regulatory landscape in the region. \n\n\n\nWe will discuss essential topics such as:     \n\n\n\n\nUnderstanding key risk and regulatory requirements including DORA\, EU AI Act\, CSDR\, German Supply Chain Due Diligence Act\, and others  \n\n\n\nBest practices for managing digital operational resilience in the face of changing regulatory expectations\n\n\n\nDesigning a robust GRC strategy to effectively manage risk while ensuring compliance with multiple regulatory requirements \n\n\n\n\nWho Should AttendHeads of risk\, operational risk\, compliance\, cyber/IT risk and anyone charged with operational resilience will benefit. \n\n\n\nWe encourage you to bring your questions\, as we anticipate an informative\, engaging\, and interactive discussion. Don’t miss out on this interactive session with industry experts. Register today for this free event\, as space is limited! \n\n\n\nThe session will be followed by networking\, drinks\, and hors d’oeuvres. Agenda: \n\n\n\nRegistration & Welcome Lunch12:30 pm – 01:00 pmOpening RemarksJonathan Quayle\, Regional Vice President\, Europe\, MetricStream01:00 pm – 01:05 pmWorkshop By Michael Rasmussen: Designing GRC programs to Manage Risk\, Regulatory Compliance\, Third-party and Digital Operational Resilience Requirements Speaker:Michael Rasmussen –  GRC Analyst & Pundit\, GRC 20/20 Research01:05 pm – 04:00 pmBreak04:00 pm – 04:20 pmPanel Discussion: Designing GRC programs to manage risk and regulatory\, third-party\, and digital operational resilience requirements 04:20 pm – 05:20 pmWrap up05:20 pm – 05:30 pmCocktails & Hors D’Oeuvres05:30 pm – 07:30 pm\n\n\n\nLocation: The Andaz Hotel by Hyatt (Central Amsterdam) Prinsengracht 587\, 1016 HT Amsterdam\, Netherlands  \n\n\n\nGRC 20/20 Analyst will be presenting at the event . . . \n\n\n\nMichael Rasmussen\n\n\n\nGRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research\, Michael Rasmussen is an internationally recognized pundit on governance\, risk management\, and compliance (GRC) – with specific expertise on the topics of GRC strategy\, process\, information\, and technology architectures and solutions. With 30+ years of experience\, Michael helps organizations improve GRC processes\, design and implement GRC architectures and select solutions that are effective\, efficient\, and agile. He is a sought-after keynote speaker\, author\, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research\, Inc. \n\n\n\nConference Host\n\n\n\n\n\n\n\nMetricStream is a global SaaS leader of GRC solutions that empower organizations to thrive on risk by accelerating growth via risk-aware decisions. We connect governance\, risk management and compliance across the extended enterprise. Our ConnectedGRC and three product lines – BusinessGRC\, CyberGRC\, and ESGRC – are based on a single\, scalable platform that supports you wherever you are on your GRC journey. MetricStream is headquartered in San Jose\, California\, with an operations and R&D center in Bangalore\, India\, and sales and operations support around the globe.  \nShare this:\n				Email a link to a friend (Opens in new window)\n				Email\n			\n				Print (Opens in new window)\n				Print\n			\n				Share on LinkedIn (Opens in new window)\n				LinkedIn\n			\n				Share on X (Opens in new window)\n				X\n			\n				Share on Facebook (Opens in new window)\n				Facebook
URL:https://www.grc2020.com/event/grc-leadership-series-designing-grc-programs-to-manage-risk-regulatory-compliance-third-party-and-digital-operational-resilience-requirements/
CATEGORIES:20/20 Workshops,Conferences
ATTACH;FMTTYPE=image/jpeg:https://www.grc2020.com/wp-content/uploads/2023/08/MS_Amsterdam_Round-table-e1693489505932.jpg
END:VEVENT
END:VCALENDAR