Randy Ferree

Consultant, CIPP/E, CIPM, OneTrust

Randy Ferree serves as a Third-Party Risk Consultant for OneTrust VendorpediaTM– a purpose-built software designed to operationalize third-party risk management. In his role, Ferree advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR and CCPA). Ferree works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.

My Sessions

Identifying Risky Vendors: 7 Warning Signs You Shouldn't Ignore

For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward. Third-party risk comes loaded with complexities and compromises. However, there are “red flags” you can look for when evaluating the security, privacy, and compliance programs of your vendors.