1) Discussion group – how to approach a migration.

• As-is migration or an opportunity for cleaning up?
• Approach – big bang or incremental migration?
• Product ownership and licensing – the importance of ownership and clear roles and responsibilities.
• Data alignment, mixing apples with bananas – an opportunity for CSDM 5.0?
• Managing licensing costs during the migration process.

 
2) Discussion group - Risk & 3rd Party Risk Management POV (Dora)

• Ensuring Effective Integration Between TPRM and Broader Risk Management Functions
  • How can we ensure sufficient integration between Third-Party Risk Management (TPRM) and traditional operational risk management as well as IT risk governance?
• Determining the Appropriate Scope of TPRM
  • How much TPRM is enough? Can we ever achieve a level of control that provides genuine comfort? And how should we approach risks associated with fourth, fifth, and sixth parties?
• Understanding the Broader Risk Landscape Amid Increasing Outsourcing
  • While third-party risk is frequently cited as a growing concern, most organizations continue to increase their reliance on external providers. It seems logical that third-party risk would rise in parallel. However, few discussions address whether overall enterprise risk is increasing or decreasing. Are there perspectives on this? Could rising third-party risk potentially offset or reduce risk in other areas?
• Optimizing Organizational Structure for TPRM Execution
  • What is the optimal organizational setup for managing procurement processes, regulatory compliance, supplier lifecycle oversight, and third-party risk management holistically?