About This Course
This CLE course dives into factors firms should consider when outsourcing activities or functions to third-party providers. Hear from panelists as they discuss how to mitigate vendor risk with strong technology governance programs that encompass the lifecycle of vendor engagement, from onboarding, performing ongoing due diligence, responding to events, and offboarding.
This session will discuss:
- Vendor Management and Due Diligence
- Regulatory Notice 21-29 (FINRA Reminds Firms of their Supervisory Obligations Related to Outsourcing to Third-Party Vendors)
- Feedback received from the vendor questionnaire
- Best practices and tools for completing VM and DD, both initial and ongoing
- Considerations for working with a vendor, from bidirectional reporting of cyber events, WORM compliance, testing, etc.