𝗪𝗵𝗮𝘁
InfosecTrain, a leading cybersecurity training provider, is hosting a 2-Day TPRM: Third-Party Risk Management Fast-Track Bootcamp. This bootcamp is a two-day program that will explain how organizations manage risks from third-party relationships. It will cover TPRM fundamentals, its scope across the vendor lifecycle, and how it works alongside procurement and vendor management with clear ownership and accountability. Key risk concepts, including risk appetite, inherent versus residual risk, and their impact on vendor selection, due diligence, and monitoring, will be explored. The bootcamp will also discuss alignment with frameworks like ISO/IEC 27001:2022 and SOC 2. Day two will focus on program execution, governance, third-party categorization, challenges, and professional growth opportunities within TPRM and GRC roles.
𝗪𝗵𝗲𝗻
28 - 29 March 2026
7:00 PM – 11:00 PM
𝗦𝗽𝗲𝗮𝗸𝗲𝗿
Kavitha
17+ Years of Experience
Information Security | IT Governance | Compliance Audit | ISO 27001 | IT Service Management
𝗪𝗵𝘆 𝗔𝘁𝘁𝗲𝗻𝗱
Attending this bootcamp will equip professionals with practical skills to navigate the complexities of third-party risk in real-world organizational settings. It will help develop sound judgment in assessing risk, setting thresholds, and ensuring accountability across functions. Participants will gain insights into aligning TPRM with organizational strategies, regulatory expectations, and governance requirements. The program will also support cross-functional collaboration with teams like InfoSec, Legal, and Procurement, strengthening professional influence and decision-making. Additionally, it will provide guidance on career growth in TPRM and broader governance, risk, and compliance roles, making it valuable for those looking to formalize their expertise and advance in risk management and third-party oversight.
Agenda (Two Days of Transformative Learning)
𝑫𝒂𝒚 1: 𝑻𝑷𝑹𝑴 𝑭𝒐𝒖𝒏𝒅𝒂𝒕𝒊𝒐𝒏𝒔, 𝑹𝒊𝒔𝒌 𝑪𝒐𝒏𝒄𝒆𝒑𝒕𝒔 & 𝑭𝒓𝒂𝒎𝒆𝒘𝒐𝒓𝒌 𝑨𝒍𝒊𝒈𝒏𝒎𝒆𝒏𝒕
𝗠𝗼𝗱𝘂𝗹𝗲 𝟭: 𝗜𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝗧𝗵𝗶𝗿𝗱-𝗣𝗮𝗿𝘁𝘆 𝗥𝗶𝘀𝗸 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁
What is Third-Party Risk Management (TPRM)?
Scope of TPRM across the vendor lifecycle
Why TPRM is critical in today’s risk and regulatory landscape
𝗠𝗼𝗱𝘂𝗹𝗲 𝟮: 𝗣𝗿𝗼𝗰𝘂𝗿𝗲𝗺𝗲𝗻𝘁, 𝗩𝗲𝗻𝗱𝗼𝗿 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 & 𝗧𝗣𝗥𝗠 – 𝗖𝗹𝗲𝗮𝗿 𝗕𝗼𝘂𝗻𝗱𝗮𝗿𝗶𝗲𝘀
Procurement vs Vendor Management vs TPRM
How these functions work together
Clear ownership, responsibilities, and outcomes
Avoiding role overlap and governance gaps
𝗠𝗼𝗱𝘂𝗹𝗲 𝟯: 𝗪𝗵𝘆 𝗧𝗣𝗥𝗠 𝗠𝗮𝘁𝘁𝗲𝗿𝘀 𝗧𝗼𝗱𝗮𝘆 & 𝗢𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗢𝘄𝗻𝗲𝗿𝘀𝗵𝗶𝗽
Growing third-party ecosystems and outsourcing risks
Regulatory and customer expectations
Shared ownership model for effective TPRM
Enabling business without slowing it down
𝗠𝗼𝗱𝘂𝗹𝗲 𝟰: 𝗥𝗶𝘀𝗸 𝗙𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹𝘀 𝗳𝗼𝗿 𝗧𝗣𝗥𝗠
What is risk and how it impacts organizations
Risk appetite and organizational tolerance
Inherent risk vs residual risk
Importance of residual risk in TPRM decision-making
𝗠𝗼𝗱𝘂𝗹𝗲 𝟱: 𝗥𝗶𝘀𝗸 𝗔𝗽𝗽𝗲𝘁𝗶𝘁𝗲 & 𝗜𝘁𝘀 𝗜𝗺𝗽𝗮𝗰𝘁 𝗼𝗻 𝗧𝗣𝗥𝗠 𝗗𝗲𝗰𝗶𝘀𝗶𝗼𝗻𝘀
Risk-based vendor selection and onboarding
Depth of due diligence and monitoring
Risk escalation thresholds and reporting
Contractual and control implications
𝗠𝗼𝗱𝘂𝗹𝗲 𝟲: 𝗧𝗣𝗥𝗠 𝗔𝗹𝗶𝗴𝗻𝗺𝗲𝗻𝘁 𝘄𝗶𝘁𝗵 𝗜𝗻𝗱𝘂𝘀𝘁𝗿𝘆 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀
Aligning TPRM with ISO/IEC 27001:2022
SOC 2 Trust Services Criteria and vendor risk
Governance, accountability, and evidence-based oversight
Positioning TPRM as a governance enabler
𝑫𝒂𝒚 2: 𝑻𝑷𝑹𝑴 𝑺𝒕𝒓𝒖𝒄𝒕𝒖𝒓𝒆, 𝑬𝒙𝒆𝒄𝒖𝒕𝒊𝒐𝒏 & 𝑷𝒓𝒐𝒇𝒆𝒔𝒔𝒊𝒐𝒏𝒂𝒍 𝑮𝒓𝒐𝒘𝒕𝒉
Module 7: TPRM Fundamentals & Scope
Core fundamentals of a TPRM program
Scope of third parties (technology & non-technology)
Inclusion of vendors, partners, consultants, and contractors
𝗠𝗼𝗱𝘂𝗹𝗲 𝟴: 𝗧𝗣𝗥𝗠 𝗥𝗼𝗹𝗲𝘀, 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 & 𝗚𝗼𝘃𝗲𝗿𝗻𝗮𝗻𝗰𝗲
Roles of TPRM teams, leadership, and business units
Collaboration with InfoSec, Legal, Procurement, Audit
Shared accountability across the organization
𝗠𝗼𝗱𝘂𝗹𝗲 𝟵: 𝗧𝗵𝗶𝗿𝗱-𝗣𝗮𝗿𝘁𝘆 𝗖𝗮𝘁𝗲𝗴𝗼𝗿𝗶𝘇𝗮𝘁𝗶𝗼𝗻 & 𝗩𝗲𝗻𝗱𝗼𝗿 𝗖𝗹𝗮𝘀𝘀𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻
Identifying and classifying third parties
Risk levels, criticality, and strategic importance
Why categorization is foundational to effective TPRM
Risk-based prioritization and resource allocation
𝗠𝗼𝗱𝘂𝗹𝗲 𝟭𝟬: 𝗖𝘂𝗿𝗿𝗲𝗻𝘁 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 𝗶𝗻 𝗧𝗣𝗥𝗠 𝗣𝗿𝗼𝗴𝗿𝗮𝗺𝘀
Governance and standardization gaps
Manual and inefficient assessments
Limited visibility and weak ongoing monitoring
Regulatory pressure and vendor fatigue
𝗠𝗼𝗱𝘂𝗹𝗲 𝟭𝟭: 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 𝘁𝗼 𝗕𝗲𝗰𝗼𝗺𝗶𝗻𝗴 𝗮 𝗧𝗣𝗥𝗠 𝗣𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹
Skills, knowledge areas, and career progression
Understanding how to grow in TPRM roles
Positioning yourself in governance, risk, and compliance domains
𝗠𝗼𝗱𝘂𝗹𝗲 𝟭𝟮: 𝗞𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝗖𝗵𝗲𝗰𝗸 & 𝗪𝗿𝗮𝗽-𝗨𝗽
Quiz and interactive discussion
Key takeaways from the bootcamp
Closing notes and next steps
𝗞𝗲𝘆 𝗧𝗮𝗸𝗲𝗮𝘄𝗮𝘆𝘀
Practical understanding of TPRM foundations and vendor risk management
Hands-on exposure to frameworks and risk-based decision-making
Interactive activities, quizzes, and real-world scenarios
Clarity on TPRM roles and career growth in risk and compliance
Apply TPRM concepts to real-world vendor scenarios
Earn 8 CPE Credits
𝗥𝗲𝗴𝗶𝘀𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗟𝗶𝗻𝗸:
https://www.infosectrain.com/bootcamp/third-party-risk-management-fast-track-bootcamp/
𝗔𝗯𝗼𝘂𝘁 𝗜𝗻𝗳𝗼𝘀𝗲𝗰𝗧𝗿𝗮𝗶𝗻
InfosecTrain is a recognized leader in cybersecurity training, focused on enhancing awareness and expertise in data protection, cybersecurity, and compliance. Through expert-led sessions and informative events, InfosecTrain equips professionals and organizations to protect sensitive information and effectively navigate the constantly evolving cybersecurity landscape. To know more about training programs offered by InfosecTrain:
Please write back to
[email protected] or call at IND: 1800-843-7890 (Toll-Free) / US: +1 657-221-1127 / UAE: +971 569-908-131