Vendor Management from a Vendor’s Perspective: How to Successfully Manage and Negotiate Customer Agreements
In today’s landscape, being able to effectively manage your risk as a vendor has become even more vital to the success of your organization. This includes having a solid understanding of how to manage and negotiate agreements with your customers. Because users desire transparency into the risk management process of the companies they work with, customers are now beginning to ask their vendors for even more information in the agreement phase. What’s more, the OCC recently issued new guidance “Supplemental Examination Procedures for Risk Management of Third-Party Relationships” that is going to further change the type of information requests from users to their technology service providers.
Needless to say, we understand that managing the agreement process with your customers can be overwhelming. However, it’s important to keep in mind that you should always comply with your own information security policies and procedures first, rather than relying on the customer’s. In addition, vendors should be reviewing their agreements annually as threats and risks evolve and policy limits change. It’s also important to have a solid understanding of the gaps and exclusions as well as knowing what you are really required to do.
During this complimentary webinar, we will cover:
- Brief update on new OCC guidance and how that will drive customer requests,
- How to strategically handle risk in agreements,
- Tips on negotiating 5 critical agreement provisions to reduce your risk,
- The dos and don’ts of professional service agreements as vendors,
- Examples of profit killers in agreements,
- And more!
Since we know customer agreements are not going away any time soon, we hope you will join us on February 28th as we discuss how to effectively manage this process while mitigating your risk as a vendor.
About the Presenters:
Terry Ammons, CPA, CISA, CTPRP, is Partner in the Systems Department at Porter Keadle Moore in Atlanta, GA, with over 27 years of experience auditing financial institutions and other financial services companies. For almost the past 15 years his focus has been on IT risk advisory services including Service Organization Control reports, information technology reviews for banks and insurance companies and an extensive practice in assessing the vulnerability of corporate networks.