Certified Banking Third Party Manager

Overview

Financial institutions often outsource functions and use technologies and software that are provided by third parties to achieve business objectives. Outsourcing is required to keep pace with consumer demand and competition. Consequently, a financial institution must develop a Third-Party Management Program to empower management to formulate and execute a strategy for overseeing third party relationships which have specialized expertise, enabling the financial institution to benefit from reduced costs, improved efficiencies, and access to external knowledge and products. These advantages support the financial institution’s safe and sound operational priorities, business objectives, and growth goals, aiming to meet and exceed consumer needs and competitive demands. Financial institution examiners require repeatable and tested third party management programs as part of their IT Examination process.

Learning Objectives

The American Security and Privacy Certified Banking Third Party Management Program covers a wide variety of third party and third-party management topics, including:

• Reviewing third party breaches.
• Understanding third party management law and regulation, including FFIEC guidance (Interagency Guidance on Third-Party Relationships: Risk Management) and the IT Booklets.
• Conducting third party due diligence during third party selection.
• Conducting third party due diligence during ongoing third-party management.
• Preparing third party contracts, including required sections and language.
• Safeguarding the security and privacy of data through the third-party management system.
• Ensuring a solid and repeatable third-party management risk management process.
• Ensuring proper identification of security risks and privacy harms related to the use of third-party third parties.
• Ensuring appropriate risk mitigation and management protections are identified, evaluated, and implemented for both information security and data privacy.
• Ensuring oversight and monitoring so that appropriate controls are in place for consistent compliance with policies and procedures.
• Conducting periodic testing, measuring, and auditing to ensure compliance and assessing the effectiveness of policies and procedures in protecting consumer and financial institution data.

Audience

• Information Security Officer – Learn how to lead developing and implementing an Information Security Program for a financial institution
• Information Privacy Officer – Learn what goes into an Information Security Program so that you can build an Information Privacy Program which addresses the security principle
• Risk Management – Learning how to assess risk of systems to understand what is putting the organization at cyber risk
• Chief Operations Officer / President – Learn what data security is all about and what an organization needs to plan for in this evolving space
• IT Director/Manager – Learn how to position the IT department with an understanding of data security and the policies and controls necessary
• Compliance and Audit – Learn an effective IT audit process
• Third Party Manager – Learn how to build a Third-Party Management Program to meet regulatory, security, and privacy demands
• Human Resources – Learn how to build and support security awareness, training, and educational programs

Instructor Contact Information

Please note that Dr. Streff’s contact information has changed after the creation of the coursework. Please use this contact information versus the one provided within the coursework.

605-270-4427

[email protected]

drstreff.com