How to Manage Third Party Risks for GDPR, CCPA, and Beyond

Webinar - Aravo Webinar Series Logo

The General Data Protection Regulation (GDPR) went into enforcement in May of 2018, changing the way companies process, store, and transfer data. Just as organizations adopt this regulation, along comes two new data privacy/security laws, the California Consumer Privacy Act (CCPA) and the California – Information Privacy; Connected Devices. All of this poses new questions and risks to be managed.

Topics discussed in the webinar include:

  • What is the current status of GDPR and its global impact?
  • What exactly is the CCPA and the new IoT law, who is impacted, and how do you become compliant?
  • How does this affect third-party risk and TPRM?
  • What tools and techniques should you utilize to effectively manage your vendors?


Tom Garrubba

Tom Garrubba
Sr. Director/CISO
Shared Assessments

Tom Garrubba
Tom is an internationally recognized thought leader, lecturer, and blogger on third party risk, and is the head instructor for their Certified Third Party Risk Professional (CTPRP) program. An active writer and blogger on business risk, he has provided insight and commentary for various industry websites including the Huffington Post, Future of Outsourcing Magazine, Corporate Compliance Insights, Brilliance Security Magazine,, Government Health IT, and ISACA. Previously, Tom was Senior Privacy Manager at a Fortune 10 US-based Healthcare company where he implemented and managed a world-class third party risk program. He has over 20 years of experience in IT security, privacy, audit, and compliance in industry and public consulting.

Aravo is the industry leader, trusted by the world’s most reputable brands.

Our Expertise
Who We Help

Ready to get started?

Schedule a Personalized Demo