Policy and Third Party Management

Program Overview

Third-party management is the process whereby companies monitor and manage interactions with all external parties with which they have a relationship. This may include both contractual and non-contractual parties. How should organizations
engage third parties to ensure the protection of personal data? What is the right way of managing your solution providers, vendors, suppliers, and personal information processors? To what extent should you manage them, and how do you conduct proper due diligence to not expose your organization to more risks? Managing third-party personal information processing providers has been a
challenge for compliance, audit, and risk management. For data protection and data governance professionals, it is a must to ensure that vendors and personal information processors (PIPs) support the privacy and data protection compliance
requirements of both the organization and government regulators. You can delegate the task, but not the accountability when your third-party providers suffer a personal data breach, it impacts your organization and your customers.

This course will teach you the frameworks, techniques, and best practices for managing your third-party providers, in the aspect of information security and privacy. Learn how to choose the right vendors and personal information processors, how to conduct due diligence, how to craft policies and contracts which protect your organization, and how to monitor whether your third parties are complying with your terms and requirements.

Program Objectives

The course aims to provide compliance and data protection professionals with the right knowledge and techniques when it comes to managing third-party vendors. Participants will go back to their organization with toolkits that will enable them to
better scrutinize, choose, and manage their third-party providers and personal information processors.
By joining the program, participants will gain the right mindset and confidence to enforce the right practices in third-party management, so that they can help minimize the risk exposure of the business.

What You Will Learn

Day 1: Third-Party & Governance
Day 2: Third-Party Risk Assessment / Due Diligence
Day 3: Policies and Contractual Protections
Day 4: Managing and Monitoring Third-Party Performance
Day 5: Managing and Monitoring Third-Party Performance / Relationships

Key Benefits

Well-structured Program and World-class Faculty

The online program offers a venue for high-impact learning with real-time, experiential, and interactive online sessions.
The participants will learn from AIM’s world-class faculty, industry leaders, and practitioners network.

Gain a Holistic Business Perspective and Deeper Understanding of Privacy and Data Protection

The program helps leaders, managers, supervisors, and individual contributors develop a broader business perspective and a deeper understanding of privacy and data protection linkages between key teams in an organization, such as Finance, Sales, Marketing, Customer Service, Human Resources, and Operations.

Enhanced Privacy and Data Protection Leadership and Personal Data Governance Skills
The program enhances the participants’ capability to lead and manage in a cross-functional setting, improving performance,
planning, collaboration, and execution of cross-functional efforts while embedding privacy and data protection in business processes

Who Should Attend

Data Protection Officers, Data Protection Professionals, Data Governance Officers, and Information Security Officers who
want to enhance their third-party management capabilities.
Compliance Officers, Risk Management Officers, and Audit Management Professionals will also understand how to manage
better and audit their third-party suppliers and vendors.
This program will also benefit entrepreneurs and Business Owners who want to learn how to govern their vendors and
suppliers better to reduce risk.