professional development courses

  • Professional Development Courses

    Our courses are designed to deliver highly focussed, practical training on an open enrollement basis, covering all professionals, industries and regions.

  • Training by Regional and Sector

    Courses can either isolate regional or sector differences or celebrate them through both course delivery and trainee participation

  • It takes the best to train the best

    We employ the best trainers from unrivalled access to the world's leading minds in all industries and regional markets. Carefully selected for their mix of practical experience, consultative background in a broad range of companies and proven training delivery. You need the best, we insist on it!

  • Our training philosophy

    Our expert trainers combine with our cutting edge course content to focus on delivering content through expert facilitation and dynamic presentations with relevant and transferable practical case studies bringing the theory to life.

Third and Fourth Party Vendor Risk Management

New regulations, technologies, standards, and security threats require organisations to implement robust vendor oversight to meet and stay ahead of the latest risks and challenges from new payment methods and systems, data breaches, and cyber-attacks. However, the service provider control evaluation process has long been inefficient and costly. Each outsourcing organisation produces and distributes its own proprietary questionnaire to each of its service providers. Service providers strain their resources to respond to diverse client information requests. Inconsistencies from questionnaire to questionnaire cause delays for all parties. Time and resource intensive onsite visits further burden both the outsourcer and the service provider. This course will enable you to enhance your existing third party risk programmes, or establish a new programme to best manage the increased risks facing companies, to ensure you are protected against losses, and prevent further reputational damage from losses through third parties.

Turning 'Theory' into 'Practice'?

Stage One: To ensure that you gain maximum benefit from this event, a detailed questionnaire will be sent to you to establish exactly what your training needs are. Stage Two: The completed forms will be analysed by the course trainer to tailor the course to your individual requirements. Stage Three: The course trainer will specially select case studies and exercises, delivered at an appropriate level, to address relevant issues. Stage Four: Comprehensive course material will enable you to digest the subject matter in your own time both during and following the course.

Who should attend?

All those responsible for managing third party risk, including those in supplier, outsourcing, third party, and supply chain risk and management, as well as those who oversee operational risk.

Key areas to be covered in the programme and documentation

The Value Proposition of an Evolved Third Party Vendor Risk Management Process
• Determine the business value that a robust Third Party Vendor Risk Management programme brings to an organisation
• Recognise the characteristics of a strong and mature Third Party Vendor Risk Management programme
• Identify ways to link your Third Party Vendor Risk Management within strategic planning

Fourth Party Risk Management
• Discuss regulatory guidelines, including GDPR
• Drive open discussions with third party vendors
• Create a list of most important or high risk fourth party vendors

Develop a Strategic Approach to Third Party Vendor Risk Management
• Define Third Party Risk and setting the Vendor Risk Programme Framework
• Understanding programme alignment and establishing policies, standards, and procedures to ensure you are addressing compliance risk
• Utilise interrelationships for identifying scopes of work and affected data elements
• Identify board reporting tactics and management oversight and what they need to hear
• Understand the data types involved and what this could mean to your compliance efforts

Understand the importance of the Contract Lifecycle
• Establish a process to consistently review master services agreements to ensure both parties are aware of the data elements, the processes involved and where the process is being performed
• Identify the success criteria for the third party vendor and why these need to be in the contract
• Identify the technical requirements involved, such as data elements, IT components, connectivity, as well as the third party vendor’s requirements for the customer

Understand the Risk Control Areas to be Reviewed and Analysed
• Identify areas that need to be reviewed and what to look for
• Explore methodologies and tools for risk identification
• Identify whether or not an onsite assessment needs to be performed

Develop Third Party Vendor Assessment Best Practices, Procedures and Processes
• Learn coordination of offshore and onshore assessments
• Utilise industry established tools and techniques
• Understand how collaboration efforts can cut assessment time and costs
• Select assessment firms to perform third party risk assessments and analysis

GRC Tool Analysis and Applicability
• Understand what tools are available and what to ask your GRC provider with respect to a third party vendor risk module
• Discuss how GRC tools can assist your programme’s compliance to other enterprise initiatives

Benefits to you

• Learn proper dialog with executive management to set “tone at the top” so they understand the importance of an effective third party risk management programme
• Understand basic principles of third party vendor risk so you can develop or modify the foundation of your risk management programme
• Identify the risk control areas to focus on when analysing and assessing your third party vendors
• Comprehend how to prioritise and risk rate your third party vendors for review
• Realise how to assess your vendors through both trust and verify methods
• Establish effective forms of communicating and reporting risk to applicable stakeholders
• Discover which department best suits for managing the programme
• Discuss how GRC tools may assist
• Analyse and discuss real world scenarios of third party vendor activities and how this may affect your organisation
• Interact with course leader and other third party risk advocates on methods to implement and fine-tune their third party vendor risk programme

Companies already benefiting include:

Duration of Course

2 Day Course

Course details

14-15 November 2019, London, UK, PT4057

Looking to train larger teams in this subject?

dzingim@marcusevansuk.comTailored in-house/in-company training courses and bespoke strategy workshops designed and delivered on-site throughout Europe according to your specific requirements.

All management, personal development and project management public courses featured in our Course Directory are also delivered on an In-Company basis.

Click Here for information on how this course can be delivered for you as an In-Company Training Solution


Quick Enquiry
Training need Input the below captcha code

Further information

UK Enquiries: +44 (0) 203 002 3057

Non-UK Enquiries: +420 (0)2 5570 7246

North American Enquiries: +1 312 540 3000 X6714 or - Marketing Manager EMEA - Professional Training

UK Enquiries: +44 (0)20 7647 2383 :
European Enquiries: +420 (0)2 5570 7246 :


"This course will allow my company to develop its existing strategies to a much greater and hopefully profitable level."

Managing Director, Tarmac