EQS 7: Apr 2025 PDM – Third Party Risk Management: Building Resiliency and Trust in the Extended Ecosystem

Welcome to our Enlightening quarterly series (EQS) #7. This quarter’s theme is “Third Party Risk Management: Building Resiliency and Trust in the Extended Ecosystem.

Program Details

Date: Saturday, April 26 2025
Mode: Virtual.
CPE 2:00 Hours

Agenda

17:00 - 17:15: Virtual Networking 
17:15 - 17:18: Welcome by ISACA Chennai Chapter Director Programs
17:20 – 17:30: Chapter Updates & Speaker Introduction
17:30 - 18:50: Third Party Risk Management: Building Resiliency and Trust in the Extended Ecosystem

Description

Third Party Risk Management: Building Resiliency and Trust in the Extended Ecosystem 

Third-party risk is an evolving problem characterised by steadily increasing complexities. In recent years, there has been a tectonic shift in how enterprises operate. Remote working has forced organizations to extend their physical and logical boundaries, while geopolitical developments have forced them to examine supply chain resilience.  

Threat actors are hunting for the weakest supply-chain links to exploit an organization. Disruptions—geopolitical developments, natural disasters, pandemics, cyberattacks—and risk factors that impact a supply chain ecosystem can have catastrophic consequences, creating a domino effect that extends to society at large. 

While organizations continue to reap strategic advantages by utilizing third-party services, risk exposure increases concurrently. Further, there is a growing emphasis on managing risk in the supply chain, and it is a strategic priority discussed at executive levels.  

The proposed three sessions will help set the context on third party risk management and how organizations are addressing the risk and challenges. We will also delve into contemporary and niche practices of third party risk management such as continuous monitoring of third parties and focused assessment of third party SaaS solutions. We will wrap up the series by discussing some practical ideas that one can adapt to help establish or mature their existing third party risk management programs. 

 Speakers

• Vish Ramasubramaniam CISA, CISM, CISSP, CCSP, CTPRP is a Director with KPMG India, specializing in Third Party Risk Management with 17+ years of experience in information security assurance, consulting and management. He has more than a decade of experience developing third-party risk management programs and conducted third-party assessments for organizations across banking, financial services, insurance; technology; and oil and gas industries.
• Aswath Athreya is a Manager with the KPMG India Third Party Risk Management team. He is a risk consultant with nearly 7 years of experience in delivering risk, strategy, and compliance advisory programs for organizations in Oceania, Asia-Pacific, and North America. He specializes in identifying, assessing, and mitigating enterprise and technology risks, and is passionate about enhancing business resilience while driving sustainable growth. With expertise in third-party governance, assurance, and controls transformation, Aswath delivers tailored solutions for diverse industries.