“This course contains the use of artificial intelligence.”

Third-Party Risk Management (TPRM) has become one of the biggest priorities in today’s cybersecurity and compliance landscape. Vendors, suppliers, and service providers are deeply embedded in every business process—but they also introduce hidden risks. A 2024 industry report revealed that 61% of organizations experienced a third-party security incident within a year, making vendor-related breaches one of the fastest-growing threats worldwide.

This course provides a complete, practical, and compliance-focused guide to Third-Party Risk Management. Whether you are a cybersecurity professional, compliance officer, procurement manager, or business leader, you’ll gain the knowledge and tools to assess, monitor, and mitigate vendor risks effectively.

You will learn the full TPRM lifecycle—from vendor onboarding, due diligence, and risk scoring to contract negotiation, continuous monitoring, and incident response planning. We’ll dive into industry frameworks such as ISO/IEC 27036, NIST 800-161, and ISO 27001, and explore how to align with global regulations like NIS2, DORA, and CSDDD.

To make the learning experience practical and actionable, the course includes:

• Step-by-step vendor assessment and risk scoring exercises

• Contract review workshops with essential cybersecurity clauses

• Tabletop simulations of third-party breach scenarios

• Case studies of real-world incidents such as MOVEit and financial services vendor breaches

By the end of this course, you will be able to:

• Build a robust TPRM program that reduces risk exposure

• Embed security safeguards into contracts and vendor agreements

• Implement continuous monitoring tools for proactive defense

• Lead effective incident response and recovery efforts when vendors are breached

• Demonstrate compliance with international standards and regulatory expectations

With a strong focus on cybersecurity, compliance, and risk management, this course equips you with both the strategic mindset and practical skills to safeguard your organization against evolving third-party threats.

À qui ce cours s’adresse-t-il ?

• Cybersecurity professionals expanding into supply chain and vendor risk management
• Compliance officers, auditors, and legal teams handling third-party oversight
• IT and procurement managers responsible for vendor selection and contracts
• Business leaders and board members accountable for regulatory compliance
• Anyone seeking to build or strengthen a TPRM program within their organization