Practical Vendor risk Workshop
RCCE students will learn comprehensive vendor and third-party risk management covering vendor due diligence, ongoing monitoring, contract security clauses, and vendor incident coordination. RCCE students will learn to build vendor risk management programs from the ground up, assess vendor security posture through questionnaires, certifications, and independent testing, negotiate security requirements into vendor contracts, implement continuous vendor risk monitoring using security ratings and threat intelligence, manage fourth-party risk through supply chain mapping, respond to vendor security incidents, and maintain vendor risk registers that inform procurement and partnership decisions. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. Building on core knowledge, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Practical Vendor risk Workshop
- Execute hands-on tasks for practical vendor risk workshop
- Execute hands-on tasks for comprehensive vendor & third-party risk management
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will master
- Execute hands-on tasks for vendor due diligence — covering Risk-based assessment frameworks.
- Execute hands-on tasks for contract security — covering Mandatory security clauses.
- Monitor and audit privilege usage; detect escalation attempts, including Security rating platforms.
- Execute hands-on tasks for incident coordination — covering Vendor breach playbooks.
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for assess vendor posture — covering from ground up, Deploy security questionnaires.
- Monitor and audit privilege usage; detect escalation attempts, including Embed security requirements.
- Execute hands-on tasks for vendor risk management fundamentals
| Module 01 | Practical Vendor Risk Workshop |
| Module 02 | Comprehensive Vendor & Third-Party Risk Management |
| Module 03 | Course Overview |
| Module 04 | What You Will Master |
| Module 05 | Vendor Due Diligence |
| Module 06 | Contract Security |
| Module 07 | Continuous Monitoring |
| Module 08 | Incident Coordination |
| Module 09 | Learning Objectives |
| Module 10 | Assess Vendor Posture |
| Module 11 | Monitor & Respond |
| Module 12 | Vendor Risk Management Fundamentals |
| Module 13 | What is Vendor Risk Management? |
| Module 14 | Regulatory Pressure |
All hands-on labs run on Rocheston Rose X OS. Students practice practical vendor risk workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for practical vendor risk workshop
- Lab 2: Execute hands-on tasks for comprehensive vendor & third-party risk management
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will master
- Lab 5: Execute hands-on tasks for vendor due diligence
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Practical Vendor risk Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI