This message was posted by a user wishing to remain anonymous
Depending on how your organization has defined the TPRM program's scope and bounds, I would think guest speakers would be out of scope for the TPRM program, no?
From a materiality perspective, they would have no access to confidential information or systems, no continuity risk, low compliance risk, etc. The risk profile should then be very low (below materiality threshold). Moreover, the guest speaker would likely not be able to respond to any control assessment questionnaire or provide documentation.
Original Message:
Sent: 06-06-2024 02:21 PM
From: Amanda McBride
Subject: Guest Speakers
How is everyone performing due diligence on guest speakers? What are you collecting? If they are coming onsite and don't have a COI, what are you doing?