Practical Third-Party Information Security Risk Management: More Than Questionnaires, Less Than Full-Blown Audits
George Washington University
800 21st Street, N.W.
Washington, DC 20052
Directions
- Soleil Dolce
CISSP, CISM, CTPRP, Vice President, Technologies Risk Management
Wells Fargo
- Sarah Statz
Vice President, Senior Information Security Counsel
American Express
Hear from three seasoned third-party risk veterans as they share practical guidance on effectively managing third-party risk. From contract negotiation to audit artifacts, and finally to the implementation of effective procedural and technical oversight, learn to manage third-party risk without resorting to generic (and often meaningless) questionnaires. Leave the session knowing the essential components for a quality third-party information security risk management program.
- Soleil Dolce, Vice President, Technologies Risk Management, Wells Fargo
- Sarah E. Statz, Vice President, Senior Information Security Counsel, American Express
- Cody Wamsley, Cybersecurity & Privacy Attorney, Dorsey & Whitney LLP
Room 308