Strengthening Your Data Security: Third Party Vendor Risk Classification and Screening

Level: Advanced
Runtime: 63 minutes
Recorded Date: December 04, 2017
Click here to share this program
Download PDF


4:30 pm - 5:30 pm
  • Challenges of 3rd Party Risk Governance
  • Operationalizing the Solution
  • The Future of 3rd Party Risk
  • Cyberbreach Landscape
  • Questions and Answers
Runtime: 1 hour
Recorded: December 4, 2017


By making sure your vendors comply with federal and state regulations, you avoid costly fines, disruption to your operation of business, and reduce the number of vendor-sourced data breaches. Learn some of the key factors to consider before screening vendors and how to classify vendor risk.

This discussion will cover how to determine risk appetite, the hallmarks of a solid vendor vetting process, including developing and analyzing vendor questionnaires, establishing scope of services and supporting documentation from vendors.

This program was recorded as part of ALM's CyberSecure on December 4th, 2017.

Provided By



Michael Avalos

Assistant General Counsel
AIG Insurance

Michael A. Avalos is an Assistant General Counsel in American International Group, Inc.’s (AIG) Digitial & Business Services Legal Group. During his 10-year AIG career, Michael has been responsible for negotiating a wide range of commercial transactions including, but not limited to, professional/consulting services, IT, outsourcing, travel, marketing, sponsorship, training and corporate cards. His work in this area includes advising AIG’s business units on all stages of the contract process – request for proposals (RFPs), project strategy, negotiation of governing agreements and ongoing vendor governance.

Before joining AIG, Michael worked at MetLife and ING DIRECT where he was responsible for supporting each company’s procurement department. Michael graduated from Widener University School of Law with a Juris Doctor and LLM (Corporate Law and Finance), and from Fordham University with a Bachelor of Arts in English Literature.

Jordan Thompson

Deputy General Counsel & Privacy Officer
New York Institute of Technology

In his role, Jordan provides counsel to NYIT, including its College of Medicine (NYITCOM), Academic Health Care Centers, the NYIT de Seversky Mansion, Auditorium on Broadway and all international campuses on legal, regulatory and compliance matters.

Jordan Thompson is the Associate General Counsel and Privacy Officer at New York Institute of Technology, a not-for-profit private university. He attended Cornell University where he received a Bachelors of Science in Industrial and Labor Relations in 2000.

Jordan is also a graduate of Rutgers Law School where he received his Juris Doctorate in 2003. A Certified Information Privacy Professional and licensed attorney in the states of New York and New Jersey, he is also admitted to practice law in the United States District Courts of the Southern and Eastern Districts of New York as well as the District of New Jersey. Jordan serves as a Chair of the Cornell Alumni Admissions Ambassador Network and a Trustee of the Huntington Lawyers Club.

Kevin Fumai

Senior Managing Counsel
Oracle Corporation

Kevin oversees the legal function of the Marketing Cloud and Communications and Retail Global Business Units at Oracle. He is responsible for all corporate and commercial activities, including acquisitions, strategic alliances, partnerships, and the spectrum of technology transactions (software, cloud/SaaS, hardware, consulting, outsourcing). He also partners with executive management and key stakeholders to support the product development lifecycle, monitor and mitigate organizational risks, ensure compliance with legal and regulatory requirements worldwide (including data privacy), and resolve disputes with customers, partners, and vendors.

Kevin has focused on the telecommunications, media, technology, and financial services industries during his career. He has significant knowledge of the challenges and opportunities faced by companies in these heavily regulated and highly competitive industries, including in new and emerging markets. In addition, his tenure at Oracle has provided in-depth insight into disruptive technologies such as cloud computing, big data/analytics, e-commerce, and social media, as well as the data privacy and security issues implicated by their rapid adoption.

Similar Courses

Card image cap
92 minutes
#MeToo: Empowering Employees and Employers to Address Workplace Sexual Harassment & Violence
Join our expert attorneys as they discuss how employers can work to prevent and eliminate sexual harassment and violence in their workplace, and create an environment in which employees are able to respond to and report incidents without fear of retaliation. Not only is there a deep moral imperative to rectify sexual harassment in the workplace and promote an equitable work environment, but also there is significant monetary liability as a potential consequence for employers who fail to address harassment in the workplace.

American Bar Association


Add to Cart
Card image cap
77 minutes
§ 363 Sale Issues
Dive into Section 363 sales issues, including whether there are limits to “free and clear”; the GM conflict between Sections 365(h) and 363(f) (“lease-stripping”); sales free and clear of leasehold interests, restrictive covenants and override royalties; being free and clear of successorships in CBAs; selling free and clear of environmental liabilities (La Paloma, Exide); and loan-to-own strategies.

American Bankruptcy Institute


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Card image cap
60 minutes
2019 HIPAA Update: Enforcing Privacy & Security Standards
In this session, we will discuss the most critical issues in the HIPAA update and best practices for enforcing privacy & security standards in your company.



Add to Cart
Previous Next