Vendor Management from a Vendor’s Perspective: How to Successfully Manage and Negotiate Customer Agreements

In today’s landscape, being able to effectively manage your risk as a vendor has become even more vital to the success of your organization. This includes having a solid understanding of how to manage and negotiate agreements with your customers. Because users desire transparency into the risk management process of the companies they work with, customers are now beginning to ask their vendors for even more information in the agreement phase. What’s more, the OCC recently issued new guidance “Supplemental Examination Procedures for Risk Management of Third-Party Relationships” that is going to further change the type of information requests from users to their technology service providers.

Needless to say, we understand that managing the agreement process with your customers can be overwhelming. However, it’s important to keep in mind that you should always comply with your own information security policies and procedures first, rather than relying on the customer’s. In addition, vendors should be reviewing their agreements annually as threats and risks evolve and policy limits change. It’s also important to have a solid understanding of the gaps and exclusions as well as knowing what you are really required to do.

During this complimentary webinar, we will cover:

  • Brief update on new OCC guidance and how that will drive customer requests,
  • How to strategically handle risk in agreements,
  • Tips on negotiating 5 critical agreement provisions to reduce your risk,
  • The dos and don’ts of professional service agreements as vendors,
  • Examples of profit killers in agreements,
  • And more!

Since we know customer agreements are not going away any time soon, we hope you will join us on February 28th as we discuss how to effectively manage this process while mitigating your risk as a vendor.

About the Presenters:

Terry Ammons, CPA, CISA, CTPRP, is Partner in the Systems Department at Porter Keadle Moore in Atlanta, GA, with over 27 years of experience auditing financial institutions and other financial services companies. For almost the past 15 years his focus has been on IT risk advisory services including Service Organization Control reports, information technology reviews for banks and insurance companies and an extensive practice in assessing the vulnerability of corporate networks.

Jason A. Bernstein is an attorney and partner in the Atlanta office of Barnes & Thornburg LLP, where he is Co-Chair of the Data Security and Privacy Practice Group. He helps companies minimize their exposure to data security and privacy risks. He works with clients to proactively improve data security risk management and develop policies and procedures for incident response. Jason prepares and negotiates agreements involving data security and privacy issues, including software and website terms of use and privacy policies. He works with companies during a data breach to evaluate the breach, notify affected individuals and agencies, and guide the company in communications to minimize effects on brand reputation. Jason is a frequent speaker nationally to various organizations and conferences on how companies can respond to cybersecurity incidents and emerging cybersecurity threats, improve their risk management, and more effectively negotiate agreements with customers and vendors.

Download Now