“This course contains the use of artificial intelligence.”

Third-Party Risk Management (TPRM) has become one of the biggest priorities in today’s cybersecurity and compliance landscape. Vendors, suppliers, and service providers are deeply embedded in every business process—but they also introduce hidden risks. A 2024 industry report revealed that 61% of organizations experienced a third-party security incident within a year, making vendor-related breaches one of the fastest-growing threats worldwide.

This course provides a complete, practical, and compliance-focused guide to Third-Party Risk Management. Whether you are a cybersecurity professional, compliance officer, procurement manager, or business leader, you’ll gain the knowledge and tools to assess, monitor, and mitigate vendor risks effectively.

You will learn the full TPRM lifecycle—from vendor onboarding, due diligence, and risk scoring to contract negotiation, continuous monitoring, and incident response planning. We’ll dive into industry frameworks such as ISO/IEC 27036, NIST 800-161, and ISO 27001, and explore how to align with global regulations like NIS2, DORA, and CSDDD.

To make the learning experience practical and actionable, the course includes:

• Step-by-step vendor assessment and risk scoring exercises

• Contract review workshops with essential cybersecurity clauses

• Tabletop simulations of third-party breach scenarios

• Case studies of real-world incidents such as MOVEit and financial services vendor breaches

Step-by-step vendor assessment and risk scoring exercises

Contract review workshops with essential cybersecurity clauses

Tabletop simulations of third-party breach scenarios

Case studies of real-world incidents such as MOVEit and financial services vendor breaches

By the end of this course, you will be able to:

• Build a robust TPRM program that reduces risk exposure

• Embed security safeguards into contracts and vendor agreements

• Implement continuous monitoring tools for proactive defense

• Lead effective incident response and recovery efforts when vendors are breached

• Demonstrate compliance with international standards and regulatory expectations

Build a robust TPRM program that reduces risk exposure

Embed security safeguards into contracts and vendor agreements

Implement continuous monitoring tools for proactive defense

Lead effective incident response and recovery efforts when vendors are breached

Demonstrate compliance with international standards and regulatory expectations

With a strong focus on cybersecurity, compliance, and risk management, this course equips you with both the strategic mindset and practical skills to safeguard your organization against evolving third-party threats.