Details

Our training courses are available to everyone. Membership is not required.

Online

Courses are delivered online via Microsoft Teams, split into two half-day sessions (7 hours total).

In-person

Host an in-house training session for your team. Contact us for a quote.

Online

$950 (inc. GST)

per person, per training course

15% discount for AUSCERT Members

Access the discount code via the Member Portal and use it on the course registration form.

This course is designed to provide a comprehensive understanding of managing cyber risks associated with third-party suppliers and partners. It is suitable for professionals from various backgrounds, including project managers, business continuity professionals, risk managers, and executives, without requiring any prior IT knowledge.

Participants will gain a thorough insight into the importance of managing third-party cyber risks and learn how to identify and assess potential risks from third-party suppliers. The course will cover the impact of these risks on business operations and data security, and provide strategies to mitigate and manage them effectively. Attendees will stay informed about the current landscape of third-party cyber threats and learn about key controls and best practices for managing these risks. The course will also emphasise the role of continuous monitoring and vendor assessments in maintaining security.

The approach of the course includes providing an overview of third-party cyber-risk management and explaining key concepts and principles in simple, non-technical terms. A mix of engaging learning experiences, such as case studies, exercises, discussions, and interactive activities, will be used to keep participants engaged and facilitate learning. Participants will be encouraged to share their experiences and insights, fostering a collaborative learning environment. Practical examples and scenarios will be provided to illustrate how third-party risk management works in real-world situations.

Requirements

  • No prior IT knowledge is required. A basic understanding of risk management, business operations, and supplier relationships is beneficial.

Outcomes

  • Gain insight into the importance of managing third-party cyber risks.
  • Industry landscape and current trends in third-party cyber risks.
  • Identifying primary risks in third-party engagements.
  • Data handling risks in third-party contexts.
  • Manage third-party cyber risks through alignment with standards (NIST CSF 2.0, ISO 27001, CIS v8.1).
  • Assess cyber risks of third-party suppliers (use of questionnaires, registers, policies).
  • Develop strategies to mitigate and manage third-party cyber risks effectively.
  • Appreciate the role of continuous monitoring and vendor assessments in maintaining security.

Approach

  • Provide an overview of third-party cyber-risk management.
  • Explain key concepts and principles in simple, non-technical terms.
  • Use a mix of engaging learning experiences, including live exercises, case studies, discussions, and interactive activities.
  • Encourage participants to share their experiences and insights.
  • Offer practical examples and scenarios to illustrate third-party risk management in action.
  • Focus on takeaway deliverables: hands-on activities to save some time at work.

Curriculum Outline

  1. Introduction to third-party risks.
  2. Understanding the scope and objectives of third-party risk management.
  3. Third-party cyber risks: definitions, typologies, etc.
  4. Current trends in third-party cyber threats and landscape overview.
  5. Cyber security risk management for third-party cyber risks.
  6. Cyber risks in supply chain relationships.
  7. Regulations: Australia and abroad.
  8. Standards and guidelines in third-party cyber risk management.
  9. Cyber risk registers for third-party cyber risks.
  10. Keeping up-to-date with third-party cyber-risk trends.