Third Party & Supply Chain Risk USA agenda

Day Two | November 1


Registration and breakfast


Chairs opening remarks

Day 2 Moderator: Dennis Frio, Managing Director: TPRM Practice Lead, PwC


Managing global trends of onshoring and deglobalization post pandemic

  • US move to buying onshore with limited build capability
  • Developing infrastructure to move manufacturing operations
  • Time consuming and cost prohibitive nature of onshoring
  • Transition to green economy
    • Scaling up green technologies domestically
  • Mitigating concentration risks with over reliance in certain jurisdictions
  • Capitalizing on the move and developing long term capabilities
  • US regulations on sourcing in certain jurisdictions

Elizabeth Anderson, Senior Director, Supply Chain Lead, JLL

Tom Garrubba, Director, Third Party Risk Management (TPRM) Services, Echelon Risk & Cyber

Joe Walker, Director, PwC

Gonzalo Lopez-Polin, Private Equity Operations Advisor


Risk and compliance in Sales Inventory & Operations Planning (SIOP)

  • Aligning SIOP with strategy
    • Align processes, teams, and market offering with the business strategy
    • Consider risks and compliance during the alignment process
  • Proactive supply chain planning
    • Shift from reactive to proactive supply chain planning in SIOP
    • Mitigate risks through proactive planning and compliance integration
  • Metrics-driven effectiveness
    • Evaluate SIOP effectiveness with metrics and data-driven approaches
    • Use metrics to identify risks and improve compliance efforts
  • Holistic decision-making
    • Adopt a balanced, risk-aware decision-making process in SIOP
    • Incorporate risk assessments for better compliance adherence

Gonzalo Lopez-Polin, Private Equity Operations Advisor


Morning refreshment break and networking


The tortoise and the hare: How the two most damaging ransomware groups differ, and how to prepare

  • Mapping tactics to threat actors
  • Understanding data impacts of each tactic
  • Identifying risks that can be mitigated
  • Anticipating likely targets of threat actors
  • Preparing for response to a supplier incident

Greg Pollock, Associate Manager VP of Product, UpGuard BreachSight, UpGuard


Reviewing third party controls to mitigate risks and key features to include within a contract

  • Filling unknown gaps
  • Including unknown variables within contract clauses
  • Controls to monitor during onboarding
  • Including clauses for cyber insurance
  • Ensuring indemnification in the event of a breach or business continuity impact
  • Balancing business priorities and risk management
  • Including SLA requirements as part of contract

Patrick Carr, Supply Chain Director, Pelco Products


Lunch break and networking


Introducing layers of risk management to build a true risk program

  • Understanding how financial services conduct supply chain oversight
  • Introducing cyber and IT security controls
  • Reviewing interagency guidance to set as cross industry standard
  • Developing infrastructure to manage third party risk
  • Building out unified platforms and common approaches
  • Calculating inherent risk for all third parties
  • Quantifying risk beyond tiering high, medium, low
    • Focusing on risk beyond just assessments

Eric Elbel, former Senior Manager, Supply Chain Logistics, AVROBIO


Reviewing ESG aspects across supply chains to understand impacts and considerations beyond environmental

  • Mitigating the impact of supply chains on the environment
  • Ensuring sustainability of supply chains
  • Understanding environmental impacts at all stages
  • Balancing higher costs and sustainability
  • Customer support in decarbonizing and creating a greener economy
  • Progress of global organizations regulated across jurisdictions
  • Monitoring supply chain for social challenges
    • Tracking modern slavery and child labor
  • Updating policies in line with ESG requirements

Kim Bach Vu, Global Lead, SuCCESS2030, Applied Materials

Rhea Rakshit, Senior Director of Product Management, Supply Chain & Trade Compliance, Sayari


Mitigating human trafficking and exploitation risk exposure

  • Incorporating third party data provided through public private partnerships
  • Overlapping datasets as a means of resolving entities
  • Monitoring for social, political unrest and failed nation states to minimize intersection with exploitation
  • Incorporate monitoring, tracking trends of missing persons globally to harden supply chains to exploitation
  • Pig butchering “the most egregious form of Human Rights violations”

Christopher Kemp, Senior Operations Manager, Anti-Human Trafficking Intelligence Initiative


Chair’s closing remarks


End of Congress