Webinar

Industry Leaders

About Our Experts

Colin Whittaker

Founder and Director, Informed Risk Decisions Ltd
Colin has over 15 years of experience advancing payment risk and security strategies in Europe and the US. He led PCI compliance initiatives, coordinated responses to cardholder data breaches, and introduced innovative compliance programs. Now independent, he provides cybersecurity risk consultancy and shares insights at major global industry events.

Todd Boehler

Senior Vice President of Product Strategy at Process Unity
Todd has nearly 20 years of experience in product management and strategy, driving cloud services and risk and compliance solutions. He has a strong background in governance, risk, and compliance (GRC), having founded a startup later acquired by Oracle, and works closely with teams to deliver high-value solutions.

Mark Deluca

Power Applications, Value Management at Coupa
Mark brings extensive experience in enterprise applications, HR systems, and supply chain technology, having supported major global organizations through multiple technological shifts. His work spans sales, product management, and marketing, with over eight years dedicated to advancing third-party risk management. He is known for helping companies strengthen vendor oversight and reduce operational risk.

Jason Sabourin

Vice President of Product Management at Vector Solutions
Jason specializes in developing and refining technology used to manage third-party risk, privacy operations, and data governance. His customer-driven approach shapes product features that address real-world challenges in compliance and security. With experience bringing major privacy tools to market and a strong technical background, he focuses on improving efficiency and risk transparency for organizations.

Evan Tegethoff

Director of Engineering and Consulting at BitSight
Evan has extensive experience in risk and compliance management, specializing in third-party risk strategies for large organizations. He has led consulting teams in developing risk assessment frameworks, enhancing organizational risk programs, and delivering actionable insights. He holds a degree from Michigan State University and brings practical expertise in enterprise risk solutions.

Key Steps to Mature Your Third-Party Risk Management Program

Oct 31 / IT GRC Forum

High-profile data breaches continue to reveal how much risk vendors and subcontractors introduce into an organization’s security ecosystem. As third-party relationships grow, so does the need for stronger oversight, consistent assessments, and reliable processes that reduce exposure to cyber threats. Building an effective third-party risk management program is an evolving journey that requires continual learning, refinement, and adaptation.


As programs mature, organizations gain measurable benefits, including fewer vendor-related risks, reduced operational costs, improved performance, and stronger compliance. Because every company is at a different stage, it’s essential to understand the foundational steps that support long-term progress. This includes evaluating your vendor ecosystem, identifying critical risk touchpoints, and ensuring the right tools and data are in place to support decision-making.


This session will explore how to build a third-party risk management maturity roadmap, connect enterprise systems to create a centralized data repository, and incorporate external intelligence for a holistic view of vendor security. Experts will share practical guidance to strengthen monitoring, streamline workflows, and evolve your program to reduce overall risk in a rapidly shifting threat landscape.