Get the Skills you need from Home with SANS OnDemand


To attend this webcast, login to your SANS Account or create your Account.

Practical Approach to Vendor Risk Management & Data Privacy

  • Wednesday, June 26th, 2019 at 3:30 PM EDT (19:30:00 UTC)
  • Norman Levine
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Spirion

You can now attend the webcast using your mobile device!


This webcast will provide an overview of what elements are required to implement and deliver a successful Vendor Risk and Data Privacy agreement. It will cover company culture, how to prepare a checklist for an agreement and the essential IT elements within the agreement itself. Required policies and 3rd party certifications will be discussed along with key elements of focus. Included within the presentation will be a discussion on data privacy and what is necessary to potentially avoid costly fines. Key topics include the following:

  • The cultural affects Dont change the culture but work within it 
  • IT Checklist With what data are you dealing and understanding what is required
  • Data Security Addendum What are the essential requirements you need to know
  • Managing data privacy To what standard should you ascribe and why
  • Reviewing the Information Security Program and other policies within a company
  • 3rd Party Certifications Continuous Monitoring The importance and why
  • Summary Putting it all together

Speaker Bio

Norman Levine

Norman Levine is an IT practitioner who built his first website 25 years ago and sold the first HTML editor “Hot Metal Pro” on it. In the late 90’s he had his own weekend radio show, CyberTalk where he reviewed the latest software, books, and computer peripherals.

Spanning a quarter of a century, Norman has honed his skills and developed an expertise in Vendor Risk Management and Data Privacy. From 2013 to 2018 Norman was responsible for contractual oversight for all global contracts at Stanley Black & Decker that contained an IT component and/or data privacy requirement. It was his responsibility to ensure the efficacy of these vendors. Today, as a consultant, he works with companies in honing their skills within this space.       

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.