This five-day virtual course is designed for professionals who support or manage Third-Party Risk Management (TPRM) programs and want to shift from a traditional compliance-based approach to a risk-based strategy using the FAIR™ (Factor Analysis of Information Risk) methodology.

Through instructor-led training, real-world examples, and hands-on scenario practice, students will learn how to quantify third-party cyber risk using FAIR’s principles of probable loss frequency and magnitude. The course focuses on embedding FAIR into the TPRM lifecycle—from vendor intake to assessment and risk treatment—helping organizations make more informed, value-driven decisions about their vendors.

• Dates: May 19–23, 2025
• Time: 11:00 AM – 1:00 PM EDT (Daily, Virtual via FAIR Academy)
• Tuition: $495
• Certificate: FAIR TPRM Specialization Certificate (upon successful completion of final assessment)

Who Should Attend:

• TPRM professionals and analysts
• Cybersecurity and GRC teams
• Procurement and Vendor Risk stakeholders
• Risk managers and risk consultants
• Anyone seeking to enhance third-party risk analysis with FAIR

Learning Objectives:

By the end of this course, participants will be able to:

• Explain the difference between compliance-based and risk-based TPRM approaches
• Model vendor risk scenarios using FAIR
• Apply quantitative analysis to assess third-party cyber risk
• Communicate vendor risk exposure to business stakeholders in financial terms
• Use FAIR to prioritize third-party assessments and risk mitigation efforts

Certification:

Participants who complete all five sessions and pass the online assessment will receive a FAIR TPRM Specialization Certificate, demonstrating their ability to apply FAIR in third-party risk management contexts.