Jay Gallman
Risk Advisor,
Duke University
Putting the Pro (and Cure!) in Procurement and Third-Party Risk Management: Security, Privacy, and Institutional Reviews (separate registration is required)
Monday, May 19, 2025 | 8:00AM–4:00PM ET | Harborside Ballroom E, 4th Floor
Session Type:
Preconference Workshop
Delivery Format:
Additional Fee Program
This interactive workshop will introduce participants to the current privacy, security, and accessibility third-party risk management landscapes. They will discuss core considerations relevant to reviewing and selecting third-party products and services best-suited for campus deployment. Presenters will identify and discuss institutional stakeholders; provide examples of meaningful, productive security using HECVAT or other tools; discuss privacy and institutional reviews with incorporated contractual considerations; and help participants create new or streamlined processes. Institutional reviews may include vendor management, procurement, IT accessibility, legal, and many other aspects for campuses to prioritize.
This workshop will highlight real examples of assessments used at peer institutions and will explain why some were successful and others were not. Presenters will share experiences of what they and their teams have determined successful third-party partnerships should look like and engage with the audience to illustrate what third-party engagement looks like on their campuses. They will answer and foreshadow what metrics of success look like across campuses to identify and mitigate vendor risk?a current and important topic on everyone's minds! We will reserve time for your questions and group discussion.
Join us as we tear down the walls of complexity surrounding vendor assessment and equip you with the tools and resources to scale meaningful and productive reviews within your organization.
