Third Party Risk Management (TPRM) for Supply Chain Security
Modern software relies on third-party tools and vendors that introduce risk. This course teaches you how to manage that risk and align your practices with supply chain security frameworks.
What you'll learn
Modern software development depends on a complex ecosystem of third-party vendors, open-source components, and external services. But without proper oversight, a single weak link can introduce serious security, compliance, and operational risks. In this course, Third Party Risk Management for Supply Chain Security, you’ll gain the skills needed to assess, manage, and reduce risk across the software development lifecycle.
First, you’ll explore how to evaluate vendors and components, establish onboarding and review processes, and continuously monitor your risk posture. Next, you’ll discover how to align your practices with frameworks like NIST 800-161 and ISO/IEC 27036, and how to demonstrate compliance through audit trails, reporting, and vendor questionnaires. Finally, you’ll learn how to define key performance indicators to measure supply chain risk, track program maturity, and communicate progress to stakeholders.
When you’re finished with this course, you’ll have the knowledge and tools to build a resilient, compliant, and transparent third-party risk management program.
About the author
Alex has spent the past 30 years working as a software developer, application architect, cybersecurity professional, and technical trainer. He is a lifelong learner and holds over 20 active certifications in software development, project management, and cybersecurity. Alex is a CompTIA and Microsoft Certified Trainer and enjoys sharing his knowledge with others. He has taught at Rutgers University (NJ), Bergen Community College (NJ), County College of Morris (NJ), College of Southern Nevada, and UNLV.