Global TPRM: Cross Industry

Global TPRM: Cross Industry

Addressing cross sectoral trends and challenges associated with global third party risk, supply chains and technology


December 8-9, 2020

Keynote & Plenary Sessio

Driving end to end management including people, processes & technology

Third Party Risk: Lessons learned from heavily regulated industries

Exploring the current landscape and international trends within supply chains

Topics addressed for 2020

Third Party Risk & Continuity
Vendor Management | Customers | Assurance | Concentration Risk and much more…

Technology & Security
Diversification | Innovation Digital Transformation |Remote Working | Cyber Security | and much more…

view the full agenda here

Supply Chain & Resilience
Economic & Geopolitical Risk | Resilience | Business Models | Ethical Supply Chain and much more…

Jian Huang 120x120

Jian Huang
Global Head of Corporate Supply Chain Risk Management

Scott Patterson

Scott Patterson
Head of Third Party Risk Management

Pradeep 120x120

Pradeep Ramachandran
Head of Controls & Compliance Monitoring

Lori Edelman

Lori Edelman
Global Procurement and TPRM Director

Ben Gilbert

Benjamin Gilbert
Cybersecurity Advisor
Cyber Security & Infrastructure Security Agency

Orlando Fernandez

Orlando Fernandez-Ruiz
Senior Technical Specialist, Governance, Remuneration and Controls
Bank of England


Jaqueline Martinez
Vendor Management Manager

Shamial Afza

Shamial Afzal
Head of Supplier Management Governance
Legal & General Investment Management (LGIM)

View full speaker line up


Please contact the Center for Financial Professionals today to discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities. For more information on what we can offer, please contact or call us on +1 888 677 7007 / +44 (0) 20 7164 6582 where a member of the team will be happy to tailor the right package for you.

Agenda Day One Tuesday 8 December
Event Starting at 10:00am EST / 3:00pm GMT

09:50 Chair’s opening remarks


10:00 How to drive end-to-end supply chain risk management including people, process and technology – Case study from the automotive industry

Session details 

    • – Predictive data analytics in the risk identification process for operational risks (machine learning)
      – Early Warning System (Escalation Management Process in case of supply shortages)
      – Corporate SCRM process
      – Stakeholder management and collaboration with Enterprise Risk Management

Jian Huang, Global Head of Corporate Supply Chain Risk Management, HELLA


10:30 Exploring the cyber threats and mitigation measures of Today: A high level, non-technical overview from the CISA

Session details 

    • – Methodology of a cyber-attack (machine learning)
      – High-level understanding of the top cyber threats targeting the education sector, individual states and local governments
      – Practical cyber hygiene practices to be considered across the organization
      – Best responses when faced with an ongoing cyber-attack

Benjamin Gilbert, Cybersecurity Advisor, Cybersecurity and Infrastructure Security Agency (CISA)

11:00 Refreshment break, networking and transition to streams

Stream One: Third Party Risk & Continuity

11:20 Maintaining transparency across the vendor lifecycle for effective crisis response

  • Contingency plan for failure of suppliers or supply chain related issues
  • Adjusting the scope of risk scenarios
  • Bridging the gap between business and risk
  • Conducting onsite assessments with COVID restrictions

Lori Edelman, Global Procurement and TPRM Director, Pfizer
James Arden, Third Party Security Lead, Brewin Dolphin
Hasintha Gunawickrema, Global Head of Conduct Transformation and Third Party Risk, HSBC
David Brown, Senior Product Manager, Riskonnect

Stream Two: Technology & Security

11:20 Artificial Intelligence : New horizons in cybersecurity

  • An introduction to AI
  • Tips on building AI in cyber security
  • Developing a roadmap for implementing AI in cybersecurity
  • Future vision for AI in Cybersecurity

Mohamed Saad Mousa, Head of Information Security (CISO), IKEA

Stream Three: Supply Chain & Resilience

11:20 Reviewing global geopolitical and economic risks and the impact on supply chains

  • Failure of suppliers, broken supply chains and shortages
  • Delays to manufacturing and distribution
  • Changes to products and procurement
  • Ability to travel and transport goods
  • Dependency on China and developing nations
  • Data sharing – 5G and Huawei

Peter Bogulaski, Operations Manager, Zound Industries
Sam Finn, Geopolitical Risk and Intelligence, Advisor, WestJet Airlines

11:55 The Neighborhood Watch: Using Continuous Monitoring to Increase Visibility and Effectiveness of TPRM Programs

  • Challenges/Struggles related to vendor security
  • Where vendor security questionnaires may fail you
  • What is vendor cybersecurity continuous monitoring?
  • Practical use cases to increase visibility and efficiency of third party risk programs

Jonathan Ehret, Vice President, Strategy& Risk, RiskRecon

11:55 A Risk Based approach to vendor security – Let’s practice what we preach

  • What is a Risk Based approach?
    • Variations in regulation, risk tolerances & data sharing
  • Case studies of TPRM & IT security implementation
    • Pitfalls & lessons learned
  • Effectively assessing security risks associated with vendors
  • Challenges of working across multiple industries
  • Key points to include within your next IT Supplier Assessment/Audit

Orna Toolan, Vendor Security Lead, Pinterest

11:55 Session reserved – details to follow shortly

12:25 Why is your Third Party Risk Management (TPRM) programme failing?

  • Understanding TPRM
  • TPRM drivers across various industries
  • Identifying where things go wrong in TPRM Programmes
  • Tips to building a successful TPRM Programme

Malcolm Parker, TPRM Service Line Leader, Mobius Consulting

12:25 Exploring the use of specific technology to enhance TPRM and supply chain efficiency

  • Opportunities of new platforms, data, AI and Blockchain
  • Managing complexity and visibility of supply chain through digitalization
  • Data requirements for use of AI and machine learning
  • Technology outsourcing trends
      Tracing and tracking industry practices
  • Case studies of transition to new systems
  • IoT
    • Proliferation of devices across industries
    • Criticality and services of devices

Phani Dasari, VP, Global Third Party and M&A Risk Management, ADP

12:25 Building resilience through identification of critical functions & services and understanding vulnerabilities

  • Gap analysis in supply chain resilience
  • Variations in industries
  • Ability to be agile
  • Understanding the risk matrix post-pandemic
  • Use of innovation
  • Real time reporting of supply chain risks

Pradeep Ramachandran, Head of Controls and Compliance Monitoring & Assurance, Shell

12:55 End of Day One

Agenda Day Wednesday 9 December

09:50 Chair’s opening remarks


10:00 Leveraging lessons learnt from heavily regulated industries to identify best procedure

Session details 

      • – Maturity of regulatory standards within financial services
      • o Increased focus on resiliency
      • – Measuring and quantifying risk
      • – Leveraging resources, expertise and external systems
      • – Utilizing data analytics
      • – Optimizing third party relationships- Expectations and financial stability
      • – Comparison to peers and learnings from other sectors

Orlando Fernández Ruiz, Senior Technical Specialist, Governance, Remuneration and Controls, Bank of England


10:30 Exploring the current landscape and ability to create an ethical/sustainable supply chain

Session details 

        • – Impacts of COVID 19
        • – Climate change
        • – Latest trends within slavery, human trafficking, exploitation and conflict materials
        • – Initiatives to drive good behaviours
        • – Input from regulatory bodies and governments
        • – Consequences of appearing non ethical/sustainable

Sonya Bhonsle, Global Head of CDP’s Supply Chain program, CDP
Prof Doreen Boyd, Professor of Earth Observation/Associate Director Rights Lab, University of Nottingham
Rachel Michelin, President, CEO, California Retailers Association

11:15 Refreshment break, networking and transition to streams

Stream One: Third Party Risk & Continuity

11:35 Gaining an adequate and proportionate level of assurance around resilience of third parties on an ongoing basis

  • Gaining appropriate access to data systems and IT incident reports
  • Monitoring performance and identification & management of risks in vendors
    • Incorporating as a contractual obligation
  • Negotiating with dominant provider to build in acceptable terms and conditions
  • Alternative methods of gaining assurance from suppliers

Scott Patterson, Head of Third Party Risk Management, GSK

Stream Two: Technology & Security

11:35 Security threats of remote working internally and across supplier base

  • Overseeing risks to third parties
  • Managing insider threats
  • Non-company issued devices and unsecured networks
  • Education on how to create security measures on private networks
  • Personnel having access to customer
  • data at home – Credit card and personal identifiable info
  • Introducing new remote working policies

Hasintha Gunawickrema, Global Head of Conduct Transformation and Third Party Risk, HSBC

Stream Three: Supply Chain & Resilience

11:35 Lessons learned from the pandemic and adaption of business models to diversify supply chain concentration

  • Maintaining existing supply chains vs finding alternative options
  • Dependence on low cost production
  • Negotiating contracts
  • Changes to cost and cash flows
  • Generating savings and offsetting the price of multi sourcing
  • Limiting concentration within the supply chain

Eirini Etoimou, Group Procurement Manager, ODEON & UCI Cinemas

12:05 Managing the concentration risks with over reliance on small numbers of service providers with increased criticality to service

  • Identifying critical suppliers
  • Risks of highly dominant and non-easily substitutable vendors
    • Cloud providers
  • Limited variety in some sectors
  • Potential for outages and cyber-attacks
  • Influences of the pandemic on concentration risk

Jaqueline Martinez, Vendor Manager, Ucare
Theodore Reynolds, Operational Risk Director, Third Party Risk Program Development, Wells Fargo

12:05 Internal and external due diligence of cyber threats

  • Shift in techniques – use of COVID as bait
  • Increased opportunity to access networks via remote working
  • Impacts, disruption and cost
  • Incident response plans to tackle fraud
  • Increasing training, awareness and hygiene
  • International laws and global collaboration to remove bad actors
  • Impacts for smaller businesses
  • Efficient external due diligence strategies to mitigate risk
  • Practical tools for monitoring, managing, and minimizing these issues in third parties

Bhushan Deo, Chief Information Security Officer, Thermax Limited
Jeffrey Batt, Cyber Insurance Practice Leader, M&T Bank
Jensen Penalosa, Assistant Legal Attaché, Federal Bureau of Investigation
Dov Goldman, Director of Risk & Compliance, Panorays

12:05 Understanding the importance to developing an ethical supply chain and the impact of failure on reputation & brand

  • Encouraging the right behaviours, culture and ethics
  • Slavery, human trafficking, exploitation, conflict materials
  • Managing complex infrastructure of supply chains
  • Pressure from the public, social media and press
  • Management across sectors and countries
  • Strategy to handle misbehaving third parties

Eirini Etoimou, Group Procurement Manager, ODEON & UCI Cinemas
Laura Simmonds, Supply Chain Risk Thought Leader, Former IHG (InterContinental Hotels Group)
Shamial Afzal, Head of Supplier Management Governance, Legal & General Investment Management (LGIM)

12:50 Chair’s closing remarks and close

Shamial Afza

Shamial Afzal
Head of Supplier Management Governance
Legal & General Investment Management (LGIM)


25 years financial services experience from operations to change management and transformation type roles with the last 14 years leading the management, governance, compliance and risk management of Supply Chain Services.

A professional and agile approach to business goals whilst setting high standards in delivery.

Global experience that has seen me work in Milan, Zurich, Mumbai, Hong Kong & Singapore with a natural style to work with people from diverse backgrounds and encourage diversity of thought.

Tenacious drive and enthusiasm to get the job done coupled with good team work has ensured delivery success whilst learning and gathering constructive feedback throughout my career.

Jams Arden

James Arden
Third Party Security Lead
Brewin Dolphin


Leader in supply chain security I believe in designing the security practices around the organisation and not forcing the organisation to fit in. 

Having defined and developed a mature third party security programme at multiple organisations, I’ve seen first hand the impact external factors have on security. 

Jeffry Batt

Jeffrey Batt
Cyber Insurance Practice Leader
M&T Bank


Jeffrey has over 15 years’ experience advising multinational clients and the U.S. government on cybersecurity, cyber insurance, privacy, law, and national security matters.  Jeffrey was most recently the Cyber Insurance Practice Leader at M&T Bank, where his work focused on providing cyber insurance and risk consulting solutions, and developing new products and quantification tools.  Prior to joining M&T, Jeffrey was a VP in Marsh’s Cyber Center of Excellence, where he led client engagement and product development efforts around emerging privacy regulations.  Before that, from 2010 to early 2016, Jeffrey served as an Associate Deputy General Counsel at the U.S. Department of Defense (DoD).

A graduate of Hamilton College and the Georgetown University Law Center, Jeffrey also received a Certificate in Cyber Leadership from the DoD-affiliated National Defense University.  He is currently an Adjunct Professor at the American University Kogod School of Business, where he teaches on cybersecurity governance.

Sonya Bhonsle

Sonya Bhonsle
Global Head of CDP’s Supply Chain program


Sonya Bhonsle is the Global Head of CDP’s Supply Chain program which enables major multinationals and governments to achieve sustainable supply chains, influencing over US$3.3 trillion in annual procurement spend. Sonya has over 14 years of Sustainable Supply Chain experience, both in the public and private sector. Over the last few years she has specialised experience on Scope 3, setting and meeting scope 3 targets (including science-based targets), as well as setting and meeting water security and deforestation related supply chain goals.

Peter Bogulaski

Peter Bogulaski
Operations Manager
Zound Industries


Peter Bogulaski is a supply chain professional focused on logistics, fulfilment, sourcing strategy and environmental and business sustainability. Currently serving as Operations Manager for the Americas at the consumer electronics company, Zound Industries. Peter holds a Master’s in Supply Chain Management from Pennsylvania State University and is an ASCM Certified Supply Chain Professional Pete has worked for a number consumer goods brands across e-commerce, traditional retail and omni-channel distribution including most recently the Casper Sleep Inc., Michael Kors and Revlon.


Prof Doreen Boyd
Professor of Earth Observation/Associate Director Rights Lab
University of Nottingham


Professor Doreen Boyd is passionate about the use of satellite remote sensing data to address the World’s most pressing issues. Her current work uses these satellite data and her expertise in remote sensing to study modern slavery from Space. Providing insights that could provide further clarity of supply chains and financial systems. She is also working on an extensive analysis of the relationship between modern slavery and environmental destruction. She was the recipient of the Vice Chancellor’s Medal in 2018 for her Rights Lab research and leadership.


David Brown
Senior Product Manager


David Brown will be speaking at Global TPRM: Cross Industry.

Phani Dasari

Phani Dasari
VP, Global Third Party and M&A Risk Management


Phani Dasari is the Global VP, Global Third Party and M&A Risk Management at ADP LLC.

Phani is responsible for the strategic direction and overall execution of the Global Third Party and M&A Risk Management program at ADP; responsibilities include leadership of diverse & geographically spread-out teams of senior leaders, assessors, consultants and oversee program activities to ensure effective risk management and mitigation throughout the third party life cycle. He provides thought leadership in redefining the risk assessment process and supports the continuous improvements of both program. Acts as a valued partner to the business in the execution of their responsibilities surrounding the both program. Works closely with Enterprise Risk Management team as a key member of the second line of defence for GTPRM and M&A oversight. Introduces, oversees and implements enhancements to both program. Ensures that the program is in compliance with GDPR and all other applicable Regulations.

Prior to the above job, Phani was Global VP, Client Security Management Office and was responsible for creating ADP’s Trusted Client Experience in all aspects of client security lifecycle interactions and driving the client security assurance program objectives and strategy as defined by global security organization (GSO). He is also responsible for engaging diverse ADP business units and communicating client security requirements internally and also communicating GSO and Client Security Management Office functions and capabilities externally.

Working directly with client account teams to address client security concerns and requests. Providing consultative services to the legal departments. Also hosts ADP’s Client Security & Privacy Advisory Board annually.

Prior to joining ADP, Phani was a member of EMC Corporation; he worked as Client Security Advocate and Senior Risk Analyst. In his four years tenure at EMC he worked extensively with communication experts on customer-centric security awareness, provided security related metrics that assist management in prioritizing efforts to address security and GRC requirements, responded to information security-related regulatory and compliance inquiries and assisted incident response teams to represent customer’s security interests in EMC. Acted as the liaison with the business units to ensure that Information Security policies, standards, and practices are communicated, interpreted, and implemented. Provided risk consulting services for several integration projects at EMC/RSA.

Before joining the EMC, Phani was a research assistant at The University of Findlay, OHIO and did project and content management for few years as well.

Phani holds an undergraduate degree in Statistics and Computer Science and a Masters Degree in Computer Science from Andhra University, India. He did his MBA from The University of Findlay, OHIO. He is also a Certified Project Management Professional (PMP), a Certified Information Security Auditor (CISA), Certified Information Privacy Professional (CIPP) and an ISO Security Lead Auditor (ISO 27001 Security Lead Auditor).

In addition, Phani has been an active participant at a number of ADP Community-based events including but not limited to the following:
– Stay Safe Online Presentations at Local Schools/Businesses
– Security/Privacy Awareness Presentations at Bring Your Child To Work, Habitat for Humanity

Bhushan Deo

Bhushan Deo


Bhushan Deo is Chief Information Security Officer (CISO) and Head of Information Security & Compliance at Thermax Limited, Pune. He is responsible for the overall information and cyber security strategy and its implementation across Thermax Group. He is additionally responsible for the Data Privacy, Risk Management & Governance, Software compliance, IT Procurement & Budgeting.

With over 24+ years of industry experience in Information Technology across different Industry sectors including Manufacturing, Contact Center, Software Development, IT Products & Services, Bhushan has handled different Leadership roles & responsibilities including CISO, Heading Information Security & Compliance, Heading IT Procurement & budgeting and Managing IT Infrastructure.

Bhushan has extensive management and domain experience in driving Cybersecurity programs in all key aspects i.e. Policy, Standards, Procedures, Awareness, Identity & Access Management, IT-GRC, Network Security, Incident Response, Security Monitoring, Malware protection, Cyber fraud management, Security configuration, Compliance, Cryptography, Data Protection, Third Party Management, Business Continuity Planning, Cyber Defence Centres & Cloud Security etc.

Holding a degree in Industrial Electronics, Bhushan is certified as CISM from ISACA and has completed ISMS ISO 27001 Lead Auditor Course from bsi. He is a member of “EC-Council Global Advisory Board for CHFI (Computer Hacking Forensic Investigator) course”.

Lori Edelman

Lori Edelman
Global Procurement and TPRM Director


Lori Edelman leads the Third Party Risk Management (TPRM) program at Pfizer, one of the world’s leading biopharmaceutical companies. At Pfizer, TPRM brings a holistic approach to the identification, management, and mitigation of a variety of risks associated with engaging thousands of Third Parties. In Lori’s 20 years at Pfizer, she has also focused on Anti-Bribery Anti-Corruption, Procure-to-Pay, and many other Procurement and risk management initiatives.

Lori holds a Bachelor’s Degree in Mathematics from Drexel University, an MBA from Penn State University, and a PMP certification from the Project Management Institute. She lives in New Jersey with her husband and three sons.

Jonathan Ehret
Vice President, Strategy& Risk


Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.

Eirini Etoimou

Eirini Etoimou
Group Procurement Manager
ODEON & UCI Cinemas


Eirini Etoimou is the Chair of the CIPS Manchester Branch. She is an executive with more than 15 years of experience in senior management positions, with a global exposure. She holds a MSc in Procurement, Logistics and Supply Chain Management, MBA in Leadership and Sustainability, and she speaks four languages. She is invited and participates as a guest speaker in universities and in UK and international conferences as a passionate advocate of human rights and specialist in procurement, leadership and sustainability. Additionally, she contributes as an author of articles about leadership, business strategy, sustainability, procurement strategy, and other business areas in academic journals, social media, and online business magazines. She also acts as a volunteer consultant for institutions, supporting them to set their strategic plans and goals.


Orlando Fernandez Ruiz
Senior Technical Specialist, Governance, Remuneration and Controls
Bank of England


Orlando Fernandez is a Senior Technical Specialist in the Governance & Remuneration team in the Bank of England/ PRA Prudential Policy Directorate. He joined the (at the time) FSA in 2011 and has been leading the development of the PRA’s Policy on the Senior Managers and Certification Regime (SM&CR) since its inception in 2013. He has also represented the PRA in the development of a range of European and international standards on governance and fitness and propriety at the BCBS, EBA and FSB and worked with financial overseas regulators in the implementation of accountability regimes inspired the UK SM&CR. More recently, Orlando has been focusing on outsourcing, in particular to the Cloud and the impact of technology on firms’ governance. He represented the PRA at the EBA expert group which developed the 2019 Outsourcing Guidelines. Orlando has a Master of Laws from the University of Nottingham in the UK.

Sfinn headshot copy

Sam Finn
Geopolitical Risk and Intelligence, Advisor
WestJet Airlines


Sam is the Geopolitical Risk and Intelligence Advisor for WestJet Airlines based in Calgary, Canada. He is responsible for security operations across North America, Latin America, and Western Europe. Sam’s primary focus is intelligence analysis however, his role also includes physical and regulated security. Sam is a graduate of the University of Calgary and is currently pursuing a master’s degree at the Centre for Military, Security, and Strategic Studies.

Ben Gilbert

Benjamin Gilbert
Cybersecurity Advisor
Cybersecurity and Infrastructure Security Agency (CISA)


Mr. Gilbert serves as a Cybersecurity Advisor in the Cybersecurity and Infrastructure Security Agency (CISA). He supports the Cybersecurity Advisor (CSA) program and CISA’s mission through the goal of strengthening the security, reliability and resilience of the Nation’s critical cyber infrastructure and serves in this role across the states of Virginia and West Virginia, as well as the District of Columbia.

As a CSA, Mr. Gilbert conducts various cyber preparedness, risk mitigation and incident response coordination activities though public and private partnerships and outreach efforts in support of CISA’s
mission. Prior to this appointment, Mr. Gilbert had served as a senior analyst with the CSA program’s headquarters where he led the development of various tools used by the CSA program to measure and strengthen the cybersecurity management capabilities of critical infrastructure organizations.

Mr. Gilbert has been with CISA, and the Department of Homeland Security for over 10 years and has over 16 years of experience in cybersecurity spanning the commercial, federal civilian, and DoD communities. He currently holds the Certified Information Systems Security Professional (CISSP) certification, the Certified in Risk and Information Systems Control (CRISC) certification, the Certified Ethical Hacker (CEH) certification. Prior to joining DHS, Mr. Gilbert had served as an IT Specialist with the Virginia Army National Guard, and as an Airborne Infantryman in the U.S. Army’s 82nd Airborne Division.

Dov Goldman

Dov Goldman
Director of Risk & Compliance


Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.


Hasintha Gunawickrema
Global Head of Conduct and Transformation and Third Party Risk


Hasintha carries over 20 year’s experience in the Financial Services industry and carries experience globally across many markets. She is currently reading for an Executive Leadership program with Harvard Business School and is also a qualified accountant.

She carries experience in leading large scale programs in Digital Transformation, Enterprise wide Risk Management and Business Management. She is passionate in coaching and mentoring individuals and teams, and has a large mentee base across Europe and Asia.

Hasintha has returned to the UK after a successful stint in India as the COO for Wealth and Personal Banking for HSBC. During her time in India, Hasintha was engaged in supporting charities that are focused on educating less privileged girls.

Hasintha is keen in building robust digital and data analytical capabilities to support businesses deliver sustainable results and meet customer needs effectively.

Jian Huang 120x120

Jian Huang
Global Head of Corporate Supply Chain Risk Management


Jian has a Bachelor Degree in Electrical Engineering and a Diploma Degree in Business Administration. With his more than 15 years of experience in Supply Chain Management and Procurement, Jian has been working for different multinational automotive and manufacturing companies in different functions and countries (HELLA Group, Liebherr Group, Robert Bosch GmbH). At the meantime Jian is a certified Senior Project Manager according to International Project Management Association and used his professional project management expertise as a senior project manager in his management consulting career in cooperation with Top 500 Forbes Global companies. Jian has deep knowledge in global end-to-end supply chain and procurement management. Currently he is leading the HELLA corporate supply chain risk management team with the target to set up an end-to-end supply chain risk management process by implementation of new technologies across different business functions (Procurement, Logistics, Operations, Sales) worldwide.


Jaqueline Martinez
Vendor Management Manager


I am a certified vendor manager, with over ten years of experience in the financial industry and two years in health insurance. I am proficient in using risk governance platforms such as RSA Archer, NVendor, and Compliance 360. In my current role I am responsible for the development, documentation, implementation, maintenance and management of ongoing activities related to the vendor management program. This include multi-contract accountabilities, delivering interpretation advice, and resolving issues through effective partnering with internal stakeholders and vendors.


Rachel Michelin
President, CEO
California Retailers Association


Rachel Michelin is President of the California Retailers Association (CRA),the most significant voice representing the retail industry in California’s public policy arena, at the State Capitol, in City Halls and with regulatory bodies across the state. Michelin oversees a diverse board and membership representing retail throughout the state and nation from small brick and mortar, to franchises to national retailers and on-line merchants.

Rachel has led associations for over 20 years with visionary leadership including strategic growth and engagement, increasing revenue, developing partnerships, statewide influence and public awareness. Rachel has demonstrated success through a strong bipartisan leadership network she has built with key influencers in the public and private sectors.

Rachel was reappointed by Governor Brown to the State Board of Optometry, where she has served since 2014. Prior to California Retailers, Michelin lead California Women Lead asChief Executive Officer and Executive Director since 2002. She also served as Program and Policy Director for the CaliforniaElected Women’s Association for Education and Research (CEWAER), Communications Director and District Director for members of the State Assembly.

Rachel is a Senior Fellow if the American Leadership Forum -Mountain Valley Chapter and received her bachelor’s of arts from the California State University, Fullerton majoring in Communications -Journalism and minor in Political Science.


Malcolm Parker
TPRM Service Line Leader
Mobius Consulting


Malcolm Parker is the Global TPRM Service Line Leader at Mobius Consulting. He is a qualified accountant and IT professional with certifications in Information Security, Privacy and Risk Management.

Malcolm has 18 years of experience, including management and leadership roles within two of the big4 firms, a major retailer and a fortune 500 firm. During his career, he has the opportunity to work across most industries, including financial service, retail, manufacturing and energy.

Malcolm has lived and worked on three continents and misses travelling for work and tourism. He is a people person, collaborator and innovator who loves helping organisations transform to survive and thrive in the digital era.

Scott Patterson

Scott Patterson
Head of Third Party Risk Management


Scott is the Programme Director at GlaxoSmithKline, leading the Third Party Risk Management group. He has worked there for 18 years across various positions, globally deploying procurement solutions and establishing frameworks for third party risk management. He holds a BSBA with specializations in Supply Chain and HR management from Bowling Green State University.


Jensen Penalosa
Assistant Legal Attaché
Federal Bureau of Investigation


Assistant Legal Attaché (ALAT) Jensen Penalosa has been a Special Agent with the FBI since 2005. ALAT Penalosa is a Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (C|EH) with a Bachelor of Science degree in Computer Science. Prior to entering on duty with the FBI, ALAT Penalosa was employed as a software engineer. From 2012 to 2017, ALAT Penalosa supervised Cyber Crime Squads responsible for conducting counterintelligence and criminal cyber investigations in the Los Angeles area. In 2017 ALAT Penalosa was named the FBI Liaison Officer to Department of Defense partners in Hawaii.  ALAT Penalosa is currently assigned to the FBI Legal Attaché office in London where he coordinates the investigative and intelligence activities between the FBI and international partners.


Pradeep 120x120

Pradeep Ramachandran
Head of Controls and Compliance Monitoring


Pradeep Ramachandran will be presenting at TPRM 2020

Ted Reynolds

Theodore Reynolds
Operational Risk Director, Third Party Risk Program Development
Wells Fargo


Theodore Reynolds will be presenting at TPRM 2020

Mohamed S

Mohamed Saad Mousa
Head of Information Security (CISO)


Mr. Mohamed Mousa is Chief Information Security Officer (CISO) with MSc. In Information security from Royal Holloway University, University of London alongside numerous technical and management professional certificates. For more than 15 years, Mr. Mousa has a wide experience in working with government and private sector, implementing and auditing different Governance, Risk and Compliance (GRC) cyber security frameworks. As CISO, Mr. Mousa has extensive exposure to different Digital Transformation programs , Governance frameworks and international standards in dealing with securing e-commerce channels. Mr. Mousa’ core competencies include Information security management, strategic business orientation, risk management, penetration tests, network security, business continuity planning and incidents/threats management. Mr. Mousa design and conduct several information security awareness programs in different business models. The last but not least Mr. Mousa was key speaker in different information security conferences around EMEA region and is continually invited to give lectures in different academic forums.

Laura Simmonds

Laura Simmonds
Supply Chain Risk Thought Leader
Former IHG (InterContinental Hotels Group)


Laura Simmonds is an established procurement and supply chain professional, recently specialising in, and leading through a global organisation’s third party risk programme. Laura has gained experience in establishing a supply chain risk programme from the ground up and has seen the positive impact that has resulted from this. She is a passionate and pragmatic leader, who brings her wealth of experience to the table ready to be discussed and is always keen to learn from others at the same time.

Orna Toolan

Orna Toolan
Vendor Security Lead
Pinterest (tbc)


Orna Toolan will be presenting at TPRM 2020O

Management of third parties and supply chains continues to be a critical component for multiple institutions. Ongoing issues such as resilience, risk management, technology and sustainability remain a key focus. However recent changes within the global environment have led to heightened uncertainty and industry wide change.

The two day gathering will feature cross sector input from industry leaders, including representation from Pharmaceuticals, Oil & Gas, Food & Beverage, Financial Services, Electronics & Entertainment, Aviation, Social Media and many more. Attendees are invited to interact with various keynote sessions and navigate between three individual work streams. Plus, the virtual platform allows for increased interaction with speakers via live Q&A, polls and networking breaks. All registered attendees will have access to the post-event website, which will include selected recorded presentations and panel discussions, interviews, articles and white papers.

Ultimately the gathering will allow for discussion, debate and collaboration between various sectors and geographical locations. Addressing some of the key cross sectoral trends and challenges within global third party risk, supply chains and technology.


panel discussions

Panel Discussions

Interactive panel discussions are designed to include attendees by running a live Q&A throughout the session.



Hear industry experts provide insights on range of vendor risk issues, challenges and opportunities


Networking Breaks

Virtual networking opportunities throughout the days, access to all streams and sessions plus access to presentations and handouts.

Meet The Speakers

Interact With The Speakers

Continue discussions beyond the auditorium and interact with speakers and attendees after their session.

For further information please call us on +1 888 677 7007 / +44 (0) 20 7164 6582 or email

11th November 2020
Laura Simmonds Supply Chain Risk Thought Leader Former IHG (InterContinental Hotels Group)

Understanding the importance to developing an ethical supply chain and the impact of failure on reputation & brand

The views and opinions expressed in this article are those of the thought leader and not those of CeFPro. By Laura Simmonds, Supply Chain Risk Thought […]
19th October 2020
Shamial Afzal, Head of Supplier Management Governance, Legal & General

Understanding the importance to developing an ethical supply chain and the impact of failure on reputation & brand

The views and opinions expressed in this article are those of the thought leader and not those of CeFPro. By Shamial Afzal, Head of Supplier Management […]
17th January 2020

Research survey: Basel IV Readiness – How prepared is your firm?

2nd January 2020

Global research survey: Technology risk in financial services

22nd October 2019

Improving third party risk management programs to optimize operations

7th June 2019

Building operational resilience in financial services and ensuring compliance to regulatory standards

By Sucharita Banerjee Lodha, General Insurance International (GII) Business Resiliency and Operational Governance, AIG

Mobius Consulting & Phinity Risk

Mobius Consulting & Phinity Risk are Co-Sponsoring Global TPRM: Cross Industry

OneTrust Vendorpedia

OneTrust Vendorpedia™ is the leading third-party risk exchange – a community of shared vendor risk assessments with 70,000 participating vendors and aggregated data from authoritative security, privacy, and compliance sources. The third-party risk exchange is embedded with regulatory intelligence from OneTrust DataGuidance™, enabling users to adapt to industry changes that impact their vendor ecosystem, with support for hundreds of global standards, frameworks, and laws. Today, more than 7,500 customers use OneTrust to mitigate risk and monitor the performance of vendors, suppliers, and third parties.

OneTrust Vendorpedia is a part of OneTrust, the #1 most widely used privacy, security and data governance platform backed by 130 awarded patents. OneTrust Vendorpedia is infused with intelligence by the OneTrust Athena™ AI and robotic automation engine, and integrates seamlessly with the full OneTrust platform, including OneTrust Privacy Management Software, OneTrust PreferenceChoice™, OneTrust GRC, OneTrust Ethics, OneTrust DataGuidance™, OneTrust DataDiscovery™, and OneTrust DataGovernance™.


Panorays automates third-party security lifecycle management. It is the only platform that provides organizations with a rapid thumbs-up-or-down view of supplier cyber risk by inherently combining automated dynamic security questionnaires with external attack surface evaluations and business context.


RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution that delivers risk-prioritized action plans custom-tuned to match your risk priorities. RiskRecon provides the world’s easiest path to understanding and acting on third-party cyber risk, enabling security and risk teams to efficiently build scalable, third-party risk management programs for dramatically better risk outcomes. Learn more about RiskRecon, request a demo or visit the website at

Shared Assessments

As the only organization that has uniquely positioned and developed standardized resources to bring efficiencies to the market for more than a decade, the Shared Assessments Program has become the trusted source in third party risk assurance, including the development of the SIG questionnaire and the CTPRP certification program. Shared Assessments offers opportunities for members to address global risk management challenges through committees, awareness groups, interest groups and special projects.


Riskonnect is the leading integrated risk management software solution provider. Our technology empowers organisations with the ability to anticipate, manage, and respond in real-time to strategic and operational risks across the extended enterprise. More than 900 customers across six continents use our unique risk-correlation technology to gain previously unattainable insights that deliver better business outcomes. Riskonnect has more than 500 risk management experts in the Americas, Europe, and Asia. To learn more, visit


Aravo are an Exhibitor at Global TPRM: Cross Industry


CastleHill Managed Risk Solutions offers professional advisory services and technology implementations as well as managing your GRC programs and processes. CastleHill’s expert teams of risk and compliance professionals, are practitioners first, coming directly from the industries they serve on a daily basis. Whether you need pure advisory services or end-to-end solutions, CastleHill can find the right model for your organization, so you can focus on your core competencies and responsibilities.


Prevalent takes the pain out of third-party risk management (TPRM). Companies use our software and services to eliminate the security and compliance exposures that come from working with vendors, suppliers and other third parties. Our customers benefit from a flexible, hybrid approach to TPRM, where they not only gain solutions tailored to their needs, but also realize a rapid return on investment. Regardless of where they start, we help our customers stop the pain, make informed decisions, and adapt and mature their TPRM programs over time.

Please contact the Center for Financial Professionals today to discuss how we can deliver your thought-leadership at the event, help you generate leads, and provide you with unique networking and branding opportunities. For more information on what we can offer, please contact or call us on +44 (0) 20 7164 6582 where a member of the team will be happy to tailor the right package for you.

Can I present at the Global TPRM: Cross Industry Congress?

Yes, the Center for Financial Professionals are happy to discuss speaking opportunities at the Global TPRM: Cross Industry Congress. For further information on this please contact or call us on +1 888 677 7007 / +44 (0) 20 7164 6582.

Where can I find the Congress documentation and speaker presentations?

All registered attendees will receive an email with access to documentation and speaker presentations after the Congress* We will work with our presenters to include as many presentations as possible on our App during the Congress. *Please note that our speakers often have to gain permission from their relevant compliance departments to release their presentations. On rare occasions compliance may not allow presentations to be distributed.

Will there be opportunities to network with other attendees?

There are ample opportunities for networking and interaction throughout the Congress, such as

  • Roundtables
  • Virtual networking capabilities
  • Virtual business cards (you will be in control of what information is visible)
Are there opportunities to share my thought-leadership at the Global TPRM: Cross Industry Congress?

Yes there are plenty of opportunities for the Center for Financial Professionals to share thought-leadership to the attendees of Global TPRM: Cross Industry Congress and our wider risk professionals community. At the event we can distribute your material to the attendees, offer you an exhibition booth, and provide speaking opportunities so that you may enjoy a more prominent presence at the Congress. Visit the Sponsor tab for further information or contact / +1 888 677 7007 / +44 (0) 20 7164 6582.

Are media partnerships available for the Global TPRM: Cross Industry Congress?

Yes. As part of a media partnership we can offer a variety of options to increase the branding and awareness of your association, company, certificate, publication or media. We are flexible with what we can offer however we usually:

  • Provide a discounted rate to attend
  • Place your logo and profile on the Congress website
  • Place your logo on promotional content where applicable
  • Distribute your media/marketing at the Congress
  • Promote through social media channels

To discuss this further please contact or call +1 888 677 7007 / +44 (0) 20 7164 6582


You are able to register for free using our link below. All registrations are manually reviewed and approved before any confirmation emails are sent. If you have any questions please email

Register here


You are able to register for a nominal fee of $399. Online registration will be made available shortly.

All registrations are manually reviewed and approved before any confirmation emails are sent.

If you would like to register or have any questions please email

Mobius & Phinity
OneTrust Vendorpedia

Connect With Us

Center for Financial Professionals tm
Stay Updated
Receive CeFPro’s news, magazine, webinars, research reports and more...
I agree to receive emails from CeFPro (no spam or third parties)
Subscribe Now!
I agree to receive emails from CeFPro (no spam or third parties)
Get 50% OFF
Join our newsletter and get 50% off your next purchase
Privacy Policy. This information will never be shared for third part
Subscribe Now!