Most organizations do not have a clear picture of which vendors can access their systems or data — or what those vendors' security practices actually look like. This course shows you how to build a vendor risk program that identifies, assesses, and monitors third-party risk before it becomes your problem.
Third-party risk is one of the most undermanaged areas in organizational security. Every vendor with access to your systems or data is an extension of your security perimeter. When they have a breach, you have a problem. When they have weak controls, you carry the exposure. And when regulators, auditors, or customers ask how you manage vendor risk, you need a real answer — not a general reassurance.
This course walks you through building a vendor risk management program from the ground up. You will learn how to inventory and tier your vendors, design a practical assessment process, structure contracts to protect your organization, and build ongoing monitoring into your operations rather than treating vendor review as a one-time event.
Whether you are starting from nothing or trying to mature a program that exists only on paper, this course gives you a framework grounded in what actually works — not theoretical best practices that no operational team can sustain.
No prior compliance experience required.
One-time payment. Lifetime access. Access link delivered by email.
Already purchased? Resend access link