TMCnet News
HITRUST Announces Third Party Assurance Summit 2018HITRUST announced today the HITRUST Third Party Assurance Summit 2018, set for February 20-21, 2018 in Chicago. The conference is created to bring customers and vendors together for the first time to make third-party and fourth-party risk management a shared responsibility. Third-party assurance is a crucial component of an organization's risk management program. In many cases, organizations have hundreds, or even thousands, of vendors and business partners helping them keep their business running. On the other end of the contracts are the third-party vendors, which often find themselves doing business with hundreds or thousands of business partners. With the complex web of connections and contracts, it can be extremely difficult-at best-to manage risk throughout the entire supply chain. Given increased regulatory oversight, reliance on and complexity of outsourced relationships and an evolving threat landscape, developing and implementing an effective program requires alignment and support internally and externally. Therefore, streamlining the risk management processes for both the business partners and their vendors is an action that can have an immediate and marked improvement on how businesses of all shapes and sizes work together to proactively manage supply chain risk. "Today's approaches to third-party and fourth-party risk management are enormously resource intensive and result in inconsistent outcomes. Finding the answer to more effective and efficient third-party assurance needs to start with a conversation between the customers, vendors and business partners impacted by the requirements and the requests. Traditionally, these groups have worked in silos. The HITRUST Third Party Assurance Summit aims to change this by providing a unique forum for bringing all stakeholders-all the way up to the board-together to truly collaborate and mitigate risk throughout the entire supply chain," said Michael Parisi, VP Assurance Strategy and Community Development, HITRUST. The HITRUST Third Party Assurance Summit will bring together leaders and experts representing customers, vendors and consultancies in various aspects of business continuity, information security, audit and compliance, and risk management. It will span two days of sharing perspectives and lessons learned, exploring implementation challenges and best practices, and facilitating peer discussions to identify third-party risk management strategies leveraging the HITRUST Assessment Exchange and the HITRUST CSF Assurance Program-the most widely utilized assessment approach for third-party assurance. The Summit provides a combination of facilitated discussions, educational sessions and networking opportunities with general sessions and tracks specific to customer r vendor areas of interest. Topics include:
"For a third-party risk program to scale sustainably and effectively, it is imperative that there be alignment across the industry. Unless both the enterprises and their service providers both perceive and realize value from the program, it is unlikely that it will succeed," said Omar Khawaja, Vice President and Chief Information Security Officer, Highmark, Inc. The Summit Committee includes these high-profile industry leaders: Jeff Martin, Manager, Information Security-VSRM, Anthem, Inc.; Debbie Hutchinson, Director IT Audit & Third Party Assurance, Availity; Jutta Williams, Program Manager, Health Research, Google (News - Alert); Omar Khawaja, VP & CISO, Highmark; Chetana Sankhye, Director, Vendor Risk Management & Technology Risk Management, Kaiser Permanente; Hector Rodriguez, CISO, Worldwide Health, Microsoft (News - Alert); Bob Smith, Senior Manager, Technology & Compliance, Salesforce; Bryan Sheehan, Senior Director, Enterprise Information Security, UnitedHealth Group; John Houston, Vice President & Associate Counsel, University of Pittsburgh Medical Center; and Taylor Lehmann , CISO, Wellforce. Attendees represent any organization that leverages a third-party vendor to support the creation, transport, processing or storage of sensitive information, including health, financial and intellectual data. Departments include: Information Security, Enterprise Risk, Internal Audit and Compliance, Procurement, Vendor Risk Management, Finance, Legal and Compliance, Customer Relationship Management. To download the full agenda: http://www.cvent.com/events/hitrust-third-party-assurance-summit-2018/event-summary-e5151b0926ee4c21abe96cbdd025b50f.aspx For a media pass, please contact: [email protected] About HITRUST Founded in 2007, HITRUST Alliance is a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from both the public and private sectors, HITRUST develops, maintains and provides broad access to its widely adopted common risk and compliance management and de-identification frameworks; related assessment and assurance methodologies; and initiatives advancing cyber sharing, analysis and resilience. HITRUST actively participates in many efforts in government advocacy, community building and cybersecurity education. For more information, visit www.hitrustalliance.net.
View source version on businesswire.com: http://www.businesswire.com/news/home/20171116005424/en/ |