Speaker: Latha Sunderkrishnan,
Designation: Founder-Director of Clarimonde Solutions OPC Pvt. Ltd.
Topic: How to Conduct Vendor Risk Management to Prevent Data Leaks
Date of Webinar: March 17th , 2021
Time and Location: 5:00 PM IST/ 6:30 AM EST/ 03:30 PM PST
Latha Sunderkrishnan (Independent Director, CISA, ISO27001 LA, COBIT 5 Foundation) is the Founder-Director of Clarimonde Solutions OPC Pvt. Ltd. India.
She is an Electronics Engineer with more than 25 years of experience in IT and Information Security. She has worked with various multinational organizations in a wide variety of technologies. She has experience in cybersecurity audits and consulting, including managing projects for ISO 27001:2013 ISO9001, PCI DSS, Information Security Risk Management, IT Act compliance, data leak prevention, and regulatory audits, and vendor management.
She has wide-ranging experience in training, implementation, audit process, and conducting training for ICAI – Faculty for CA institute.
She has held various leadership positions in software projects, quality assurance and management, customer support, testing, and release management.
Modern enterprises outsource non-core processes and operations to business partners and vendors, and it is immensely important that a thorough risk assessment is performed of all control aspects and at all times — before the outsourcing and continuing risk assessments.
Regulators hold enterprises responsible for data leakages by business partners and vendors. Therefore, enterprises need to ensure that appropriate metrics for measurement of vendor and business partner performance is well laid out in the agreements with the vendors and business partners.
- Emerging practices are organizing People, Processes, and Technology in such a manner that Vendor Risk Management has become an integral part of the Enterprise Risk Management and Governance and Compliance (GRC).
- Third-party audits of businesses and operations of key vendor and business partners need to be conducted.
*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)