Third-Party & Vendor Risk: Build Your NIST CSF 2.0 Standard
A practical, non-technical working session to design a Third-Party / Vendor Risk Standard for how you onboard, assess, and monitor vendors, aligned to NIST CSF 2.0.
In this 2.5–3 hour live virtual workshop, you’ll build a clear, business-friendly Third-Party / Vendor Risk Standard that defines how you onboard, assess, approve, and monitor suppliers. We focus on process, roles, decision criteria, and escalation paths, not on technical configurations or tools.
You’ll leave with a first-draft standard you can socialize with Procurement, Legal, IT, and Security, plus practical checklists and a simple tiering model you can reuse across the business.
What We’ll Cover
Defining vendor scope and risk tiers (who counts as a “third party,” and what makes them high risk)
Standardized onboarding steps (due diligence, security questionnaires, data protection checks)
Clear approval and exception processes (who signs off, and when)
Ongoing monitoring and review cadence (what gets checked, how often, and by whom)
How to align this to your broader GRC and NIST CSF program, without drowning people in jargon