Navigate Up



 Third Party Risk Management and Assessment

Chapter Training
9/15/2014 9:30 AM
9/15/2014 2:00 PM
Rivers Club | Pennsylvania

Registration: 9:30 AM – 10:00 AM

Program & Lunch: 10:00 AM – 2:00 PM

CPE: 3 CPE Hours

Location: Rivers Club, One Oxford Center, 301 Grant Street, Pittsburgh, PA 15219

Members: $50 (includes lunch!)

Non-Members: $75 (includes lunch!)

Registration: E-mail your reservation to Kristen Backo-Weaver at

Seminar Description:
It’s 8 pm…do you know what your vendors are doing? If you or your management are losing sleep at night to this question, then you truly don’t want to miss this discussion on third party risk management.
This brief seminar will concentrate on the basics of implementing a sound third party assurance / assessment program including the “who’s,” “what’s,” and “how’s.” Learn from practitioners from various industries on how they implemented their programs, how they maintain them, and the challenges they face. Considerations to data, legal issues and internal and vendor obstacles will be discussed.
The program will commence with a two-hour presentation by Thomas Garrubba, CISA, CRISC, CIPP/IT.  Tom, as the Senior Privacy Manager at CVS Caremark was responsible for implementing the third party risk management program.  Tom has also served on the Steering Committee for the BITS/Shared Assessment Program and he actively works with senior members of the Sante Fe Group who assist in governing the Assessment Program in conducting industry studies and trend monitoring. 
As a recognized leader in the third party risk management, Tom has presented this topic at the International Association of Privacy Professionals – Privacy Academy in Seattle, WA and the Annual Privacy Academy in San Jose, CA.
On behalf of the Shared Assessments Program, Tom has presented Vendor and third party risk management topics from 2011 through the summer of 2014. 

Upon completion of Tom’s presentation regarding the assessment of third party risks and related management thereof, we will turn to a panel discussion with key management of companies who have implemented third party risk assessments and/or perform third party monitoring.  Each company represents a unique level of maturity in the third party risk assessment process and a representative sample of industries including:  financial, government, manufacturing and healthcare

Panelists Include:
                                       Brad Douglas – PNC Bank                         

John Slowey – Big Heart Pet Brands

Donald E. Williams – Churchill & Harriman, Inc.
Brad Douglas, Supply Chain Management Executive
PNC Bank
A 26-year business veteran, Brad Douglas joined PNC in early 2014.  In his role, Mr. Douglas is responsible for Strategic Sourcing, Enterprise Third Party Management, Global Sourcing & Procurement, Accounts Payable and Corporate Records Management.  One of his primary responsibilities is the implementation of an enhanced Third Party Management program to effectively mitigate risks encountered through the engagement of various third party suppliers.
John Slowey, Director – Internal Audit
Big Heart Pet Brands
John Slowey has more than 21 years of internal audit experience in the Consumer Products industry, and currently serves as the Director of Internal Audit for Big Heart Pet Brands.  John works with management to assist in audits of third parties such as: co-manufacturing partners, third party distribution centers and transportation services providers.   
Donald E. Williams, Senior Consultant and Manager of Operations
Churchill & Harriman, Inc.
Donald Williams has managed all aspects of the organization’s delivery services, internal financial management and development of Churchill & Harriman’s Vendor Assessment Program, Risk Management Program.  Williams also led the third party risk management analysis for two large financial institutions.