iCONIC 2025 | Third Party Risk Management (TPRM) Solutions

Speaker: Stephen Mathezer, Vice President, Service Delivery & Innovation

Stephen Mathezer outlines the importance of managing third-party risk in today’s complex vendor ecosystems. He defines third parties broadly—from IT vendors to contractors—and explains how to assess their access, potential impact, and associated risks. Key risk areas include cybersecurity, compliance, operational continuity, and reputational damage.

The session explores different TPRM approaches, from manual assessments to fully managed services. Stephen introduces three models: Augmented Capacity, Assessment Factory, and TPRM as a Service (TPRMaaS)—each offering varying levels of automation and outsourcing. He concludes by highlighting the benefits of a mature TPRM program, including improved visibility, faster assessments, and stronger compliance and resilience.