Written by HITRUST Independent Security Journalist Sean Martin.
Increased regulatory oversight…outsourced relationships that share sensitive information…the evolving threat landscape. Considering all these factors, third-party assurance has become a crucial component of every organization’s risk management program. Or, if it hasn’t, it is sure to hit the project checklist sooner rather than later.
Developing and implementing an effective program to ensure your business partners handle sensitive information properly is a challenging task. It requires alignment and support—internally and with your business partners.
Taking on the Third-Party Risk Management Challenge
This is exactly the challenge that the HITRUST Third Party Assurance Summit 2018 can help you tackle on February 20-21 in Chicago. The Summit brings together leaders and experts (representing customers as well as vendors and consultancies) in various aspects of risk management. Some typical departments and roles that attend the Summit include:
- Information Security
- Enterprise Risk
- Internal Audit and Compliance
- Vendor Risk Management
- Legal and Compliance
- Customer Relationship Management
As with most aspect of business, functional teams from around the organization need work together to meet their collective business objectives. This is often easier said than done, however, as most functional teams have their own key performance indicators (KPIs) which aren’t always in support of other functional teams’ KPIs. This is why it’s extremely important that each functional team have a clear understanding for how third-party risk impacts their role and how they can collaborate with the rest of the organization to encourage efficient, yet effective, third-party risk management processes.
Fortunately, this is another key area where the HITRUST TPA Summit can help as it will bring constituents from all types of roles and functions together to help open up the conversation and establish a common understanding and language to support a collaborative effort for their third-party risk management program.
In addition to a gathering of attendees from various functional roles, the HITRUST TPA Summit will also bring together a fine collection of speakers and leaders from some of these same roles.
The speakers—representing some of the top organizations and brands from across the US—will share best practices, lessons learned and effective third-party risk management strategies that automate and streamline the process when requesting and receiving security and privacy risk assessment information from vendors. It’s information that both organizations and their vendors and business partners can benefit from.
A Great Place to Collaborate
The Summit provides a unique forum for attendees to collaborate in evolving approaches in ensuring effective communications of appropriate, timely and consumable risk management information. A combination of facilitated discussions, educational sessions and networking opportunities—along with general sessions and tracks—can meet each attendee’s specific areas of interest:
- The customer approach and challenges managing third-party risk.
- The vendor approach and challenges supporting third-party assurance requests.
- Collaboration to identify areas of contention and brainstorm solutions.
- Legal and regulatory considerations in the U.S. and internationally.
- The role of continuous monitoring and risk ratings.
- Leveraging HITRUST assurance programs for a comprehensive risk management strategy.
- Streamlining third-party assurance processes via HITRUST vendor risk management systems.
- How the HITRUST assessment meets all regulatory and third-party requirements.
- Vendor identification and risk classification.
- Vendor engagement and outreach.
- Contractual amendments and contracting process.
Who Can Benefit?
Attending the Summit can benefit any organization as well as vendors and business partners that together support the creation, transportation, processing or storage of sensitive information. Sessions will touch upon handling sensitive information relating to health, finance and intellectual property.
By engaging, partnering and coordinating with third parties in the risk management process, your organization can gain greater efficiencies and improve partner relations. Most importantly, you can assure appropriate risk management can be achieved.
What: HITRUST Third Party Assurance Summit 2018
When: February 20-21
Where: Hyatt Regency O’Hare, Chicago
Who Should Attend: Organizations and vendors involved in third-party assurance programs that support the creation, transport, processing or storage of sensitive information—including health, financial and intellectual information.
Learn more and register
The 2018 HITRUST Third Party Assurance Summit 2018 will be held February 20-21 at the Hyatt Regency O’Hare in Chicago. Visit the Summit website page to register.
Here are 5 Reasons to Attend the HITRUST Third Party Assurance Summit:
- Collaborate with other organizations in the Eco System … Meet Top CISOs and other subject matter experts representing customers, third and fourth parties
- Third Party Risk Management… Learn firsthand best practices in implementing a third party risk management program
- Leveraging HITRUST for Third Party Risk Management. Learn how to “Assess once and Report Many”
- The industry is evolving. Keep up to speed with the latest state, federal, and international impacts around third party risk management
- Prepare for the future. Learn what’s next from HITRUST and industry partners, including updates on GDPR, BASICs, Threat Catalog, and more.
You may be interested
“Using Work of Others” Initiative from HITRUST Streamlines IT Security Control Assessments to Promote a Culture of Risk Management CollaborationLacy Deatrich - Sep 11, 2019
By Jeremy Huval, Vice President, Compliance & Internal Audit Completing HITRUST CSF Assessments will now require less time and fewer…
HITRUST® Submits Application to be an Accountability Agent for APEC CertificationLacy Deatrich - Aug 14, 2019
By Anne Kimbol, Chief Privacy Officer, HITRUST HITRUST has submitted its application to be recognized as an Accountability Agent under…
HITRUST Shared Responsibility Program Helps Organizations and Cloud Service Providers Collaborate to Protect Data in the CloudLacy Deatrich - Jul 08, 2019
By Becky Swain, Director, Standards Development Your cloud provider is certified to comply with all the major regulations for protecting…