Registration

If you are not logged in, please sign in to register for this event.

Webinar: 3rd Party Info Security Controls Due Diligence

 

Third Party Information Security Controls Due Diligence



Presented by:
Morgan Strobel, HCISPP - Crowe LLP

This presentation will take place on Thursday, April 18, 2019 at 1:00 pm Eastern time (12:00 pm Central time).
This is a FREE webinar for all AHIA members! Non-members - $49 or Join AHIA today to take advantage of this benefit!

Please Note: Registration will close one hour prior to the live event on Thursday, April 18th.  

Session Description: 

In this course, you will learn about the Third Party Risk Management Lifecycle, specific to Information Security assessments. We will discuss the importance of the "Trust but Verify" model and when it is appropriate to rely on questionnaires. We will also discuss when to rely on various attestation reports, as well as what to look for within a System and Organization Controls (SOC) report, penetration test, PCI AoC, and other key artifacts. The presentation will also walk the participants through how to assess software development (SDLC) procedures and how to review network diagrams and data flow specific to in scope services. 

Learning Objectives:

 

Following this discussion, participants will be able to:

  • Discuss the importance of the "Trust but Verify" model and when it is appropriate to rely on questionnaires.
  • Explain when to rely on various attestation reports, as well as what to look for within a System and Organization Controls (SOC) report, penetration test, PCI AoC, and other key artifacts.
  • Describe how to assess software development (SDLC) procedures and how to review network diagrams and data flow specific to in scope services.


Program Level:
 All

Field of Study: Information Technology

Prerequisites: None

Who should attend: Information Security Professionals interested in Third Party Risk

Delivery Method: Interactive discussion using telephone and Internet technology.

CPE Credits: 1 credit

Speaker Bio(s):
Morgan Strobel, HCISPP - Crowe LLP 
Ms. Strobel manages customer accounts and teams, governing team activities to ensure superior quality for our customers.  She has over seven years’ experience in information security and third-party risk consulting. She has deep expertise in network architecture, cloud computing and vulnerability management. Her experience also includes assessing third-party business continuity plans, and determining if third parties can maintain proper resiliency in the face of crisis.

Relevant Experience
Morgan is part of the core third-party solutions delivery team.
Morgan’s experience includes:
Onsite and remote third-party control assessments
Performing infrastructure security assessments, which include all elements of an organization’s information technology infrastructure
Detailed technical analysis including firewalls, intrusion detection, data loss prevention, anti-virus and other security related tools
Supporting clients with compliance to various regulations and security standards, including the HIPAA security rule


Please Note: If you wish to receive continuing professional education credits for participating in the discussion, you are required to register and pay the registration fees. You will also be required to answer 3 of the 4 questions asked online during the discussion to qualify for CPE credit.

Cancellations received in writing prior to a week before the discussion will be issued a refund less a $30 processing fee. No refunds for cancellations within the week of the discussion. For more information regarding refund, complaint and program cancellation policies, please contact AHIA at 888-ASK-AHIA (275-2442).


Continuing Professional Education Credits:
AHIA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org.

When
4/18/2019 12:00 PM - 4/18/2019 1:00 PM