Advanced Corporate TPRM Training
& Workshop

Defentrix Advanced TPRM Corporate Training is a workshop-led highly professional training program curated for seasoned and experienced TPRM professionals. This training is delivered across Four (04) days and is best suited for professionals with over 7-8 years of experience in any of the following fields.

Third Party Risk Management

Information Security Audit

Risk Management Professionals who aspire to learn and gain exposure to TPRM

Professional Services (consulting)

Business Sponsors/Partners

Security Compliance

Supply Chain Professionals

Procurement Professionals

Security/Risk Analysts


TPRM Advanced Training Topics

After completing the Advanced TPRM Corporate Training, a professional will gain exhaustive learning and practical exposure with supporting templates in the following areas.

Introduction to TPRM

  • Why is it the need of the hour
  • TPRM risks that organizations are exposed to
  • Regulations and standards enforcing TPRM

Security Ratings

  • Overview of Methodology

  • Risk factors and scoring

  • Benefits

TPRM Life Cycle and Process

  • Overview of the TPRM process, Roles and Responsibilities

  • Inherent Risk, Control Effectiveness & Residual Risk

Security Due Diligence (Deep Dive)

  • Information Security Domains
  • Security and Privacy Regulations
  • Security Standards
  • Assessment Reports
  • Templates

Contract Management

  • Overview & Life Cycle
  • Types of contracts & examples
  • Security Exhibit & Importance
  • Applicability of Security Exhibit
  • Sample of Security Exhibit
  • Use Cases & approach to deviations

TPRM Operations

  • Teams supporting end-to-end Onboarding
  • Standard Operating Procedures (SOPs), Policies, Templates
  • Change Management Process
  • TPRM Metrics
  • TPRM Program Reporting (Operational, Senior Management, Board)
  • Top Challenges (People, Process and Technology) & Solutions
  • Best Practices

TPRM Audit

  • Pre-requisites for Internal & External Audit
  • Documentation
  • Inventory Management (Third Party, risks and reports)
  • Risk Acceptance & Exceptions
  • Findings Management

Third Party Incident Management

  • Triage & Respond
  • Stakeholder Communication
  • Evidence gathering & Impact analysis
  • Reporting & Assessment

TPRM Program

  • Objectives
  • Essential building blocks of the TPRM Program
  • Pre-requisites to build the TPRM program (policy, budget, approval, tools, human resources, process, teams)

Environmental, Social and Governance (ESG)

  • Overview and Relevance to TPRM
  • Key topics to include in Security Due Diligence

Issues Management

  • Overview & Life Cycle

  • Challenges & Solutions

  • Best Practices

  • Templates

Skill Competency in Human Resources

  • Technical Skills
  • Relevant Certifications
  • Soft Skills
  • Stakeholder Management


TPRM Industry Specific use cases & challenges

Apply the topics and concepts learned

Practice use cases which would be close to a real-case scenario

Conduct Due Diligence with templates

Security recommendations based on the engagement and challenges

Document issues using templates

Prepare Sample reports with templates

Draft observations, risk statements, impact and mitigation

Recommend compensatory security controls to reduce risk to acceptable levels

Contract negotiation & deviations

How will the ‘Advanced’ course benefit you?

  • To apply the concepts, techniques, standard processes, and best practices in your operations
  • Derive key metrics that are relevant to the senior management and board
  • Liaise with other teams to ensure a smooth transition of key steps in the TPRM process
  • Recommend viable solutions to the most common problems
  • Build relationships with businesses and across teams in spreading awareness
  • Provide valuable suggestions and inputs to the leadership
  • Develop reports (& trends) that give insights to the top management

Learning material that each participant will get:

  • Access to online course content in LMS during the training and for one week after the training
  • Quick reference guide on all topics covered (to retain)

About the Trainer

Sohil K. Naikwadi
COO, Defentrix Solutions Pvt. Ltd.

Sohil K. Naikwadi is an Information Security Professional with a Master’s Degree (MSc in Network Security) from the UK and over 16 years of proven experience playing various security and TPRM roles.

Frequently Asked Questions

We can assist you with job placement if you need to. But we don’t guarantee any job as such. We help you by assisting in preparing you to handle interviews and letting you know if any participating company has any requirements matching your skills.

Who should enrol for this course?

Industry professionals in the following fields would benefit from this Course

  • Information Security Audit
  • Risk Management Professionals who aspire to learn and gain exposure to TPRM
  • Professional Services (consulting)
  • Business Sponsors/Partners
  • Security Compliance
  • Supply Chain Professionals
  • Procurement Professionals
  • Security/Risk Analysts
  • Legal

How would this course benefit you?

  • Develop and expand TPRM as a niche skill in the industry
  • Practical exposure would help understand the dynamics of operations
  • Helps understand the gaps (if any) in the current process followed
  • Participate in crucial discussions with the business and security leadership
  • Helps to cross-train team members
  • Build a Knowledge base for the team
  • Better manage the risks identified

What are the pre-requisites before you enrol for the course?

  • Good understanding of basic concepts of risk management lifecycle
  • Good exposure to information security domains
  • Exposure to regulations and security standards
  • Exposure to the concepts of security audits
  • Moderately fluent in spoken and written communication (English)
  • Exposure to basic legal terms and definitions such as liability and indemnity

What kind of support can I expect after the training?

  • Post-training, participants will have access to the LMS for one week to review the course content and make notes.
  • 1:1 session for an hour for any TPRM-related topic of discussion in the week after the training.

How does a company engage with Defentrix to avail the training?

How do I pay for the training?

Payment can be made in the following ways
1.Bank Transfer (NEFT/RTGS)
Account No : 922020032633914
IFSC Code : UTIB0000363
2.Credit and Debit Card
4.Invoice (for companies)

Do I need to make the payment in full?

Yes, at least 3 working days before the course commences. For <3 days, please reach out to us at

Is Live Virtual training available for enrolment?

For now, we are providing classroom training but stay tuned for more good news. We are open to discussing requirements for on-site training.

What if the training is cancelled/rescheduled due to unforeseen circumstances?

Be rest assured, in such circumstances, we will ensure training is rescheduled by keeping the convenience of participants. Despite this, if you want to opt-out, we will refund the amount paid.

Hone your TPRM skills with Defentrix’s classroom training

Contact us today for our flagship Foundation and Advanced TPRM training

Latest Resources

2024 Leadership Vision for Third Party Risk Management (TPRM)

2024 Leadership Vision for Third Party Risk Management (TPRM)

CISOs have a diverse array of rapidly evolving priorities, threats, demands, regulatory pressures, and technology changes to address. Leaders need a structured approach to today's security and risk landscape covering third-party risk. This blog sheds light on...

TPRM Awareness, upskill and cross skill

TPRM Awareness, upskill and cross skill

The security world is very diversified, with the majority of the organizations practicing defensive security while a few have adopted offensive security as well. Security professionals need to keep abreast with developments in Third Party Risk Management space and...

DPDP Act 2023 (India) and Third Party Risk Management (TPRM)

DPDP Act 2023 (India) and Third Party Risk Management (TPRM)

The impact of globalization, social networking, outsourcing, adoption of cloud and technologies, cross border data flows are some of the prominent reasons why data collection and sharing is ubiquitous in this digital age. Many countries have realized the importance of...