Cert Corner: What Is the CTPRP Certification? Building a Third-Party Risk Program S1E15 скачать в хорошем качестве

Cert Corner: What Is the CTPRP Certification? Building a Third-Party Risk Program S1E15

What does it actually take to build a third-party risk program from the ground up? In this Cert Corner episode, Omar breaks down the Certified Third-Party Risk Professional (CTPRP) certification, what he learned, and who should consider taking it. Third-party risk is one of the fastest-growing challenges in cybersecurity and enterprise risk management. But if you’re tasked with building a vendor risk program, where do you start? In this episode of Cert Corner, Omar Sangurima and Alyson Laderman dive into the Certified Third-Party Risk Professional (CTPRP) certification from Shared Assessments and what it teaches about designing and formalizing a third-party risk management program. Omar explains why he pursued the certification while standing up a third-party risk program in his day job, the difference between program builders vs. assessors, and how the certification helped identify gaps in reporting, governance, and program structure. They also discuss: How third-party risk fits into enterprise risk management Why reporting and board visibility matter The role of vendor questionnaires like the Shared Assessments SIG Who should consider the CTPRP certification What the exam experience is actually like Study materials, time commitment, and pricing considerations If you work in vendor risk management, cybersecurity governance, supply chain security, or enterprise risk, this episode gives a real-world perspective on whether this certification delivers practical value. Topics Covered • What the CTPRP certification is • Builder vs. inspector roles in third-party risk • Standing up a third-party risk program • Vendor risk questionnaires and Shared Assessments • Reporting risk to leadership and boards • Certification prep and exam experience About The Cyber Mettle Podcast The Cyber Mettle Podcast explores the intersection of cybersecurity, law, business, and human decision-making. Hosted by cybersecurity professionals and attorneys, the show breaks down complex security issues, certifications, and real-world challenges facing modern organizations. CHAPTERS: 00:00 – Welcome to Cert Corner 00:29 – Podcast disclaimer and introductions 00:43 – Listener request: reviewing the CTPRP certification 01:10 – Third-party risk “builder vs inspector” concept 02:00 – Why Omar pursued the certification 03:10 – Standing up a third-party risk program 04:10 – The importance of reporting and board visibility 05:50 – Did the certification deliver real value? 07:20 – Who should consider the CTPRP certification 09:00 – Shared Assessments and vendor questionnaires (SIG) 11:20 – The exam format and proctoring experience 14:40 – Time management strategies during certification exams 16:20 – Flagging questions and exam design insights 18:00 – Study materials and preparation approach 18:30 – Certification cost and pricing considerations 20:40 – Tool ecosystems and vendor risk platforms 21:10 – What the certification teaches about program design 21:40 – Final thoughts on the certification 23:10 – Listener requests for future cert reviews 24:50 – Closing remarks #Cybersecurity #ThirdPartyRisk #VendorRiskManagement #CyberRisk #CybersecurityCertifications #CTPRP #RiskManagement #CyberMettle KEYWORDS: cybersecurity certifications, CTPRP certification, certified third party risk professional, third party risk management, vendor risk management program, shared assessments SIG questionnaire, cybersecurity risk governance, enterprise risk management cybersecurity, vendor security assessments, cybersecurity certification review