Skip to content
Close
SEARCH
Contact Us
Contact Us
Consulting Services
Auditing Services
Network Security Services
Visit our FAQ Hub for answers to commonly asked questions
TRAC GRC Solution
 

Frustration-Free Risk Management

Simplify cybersecurity risk management and tackle your cybersecurity challenges with ease. TRAC is a powerful GRC tool that automates the tedious risk assessment process and delivers customized results aligned with regulations, best practices, and your strategic goals.

Discover TRAC
Schedule a Live Demo
Start a Free Trial
TRAC GRC Platform
Other Products

SBS Institute

Uniquely dedicated to delivering industry-leading, quality education that instills confidence and empowers you to take security into your own hands.

Certifications
Membership
SBS Institute Webinar Bundles
Certifications for Managers
Certifications for Executives
Technical Certifications
Webinars
Speaking Engagements
Resources
Who We Are
Who We Serve
Why Choose SBS?

Certified Banking Vendor Manager CBVM

Managing third-party vendor relationships is one of the most critical, yet most time-consuming, responsibilities in banking. The Certified Banking Vendor Manager (CBVM) course equips professionals with the skills to assess vendor risk, ensure regulatory compliance, and build a dynamic vendor management program. Through expert-led training and real-world exercises, you'll learn to select, evaluate, and manage vendors with confidence and walk away with a comprehensive program you can take straight back to your institution.

SBS Institute Certification Courses

Build and Lead a Best-in-Class Vendor Management Program

This course is designed for banking professionals who want to take control of their institution's vendor management process to reduce risk, save time, and stay ahead of regulatory expectations. It goes beyond theory, blending regulatory frameworks with hands-on exercises to help you build a comprehensive vendor management program ready to implement at your institution.

You'll apply your learning through activities such as conducting vendor risk assessments, reviewing SOC reports, evaluating vendor selection criteria, structuring contracts, and designing a dynamic vendor management program. You'll also gain practical guidance on IT audit and exam preparation so you can approach examiner conversations with confidence.

Course Outline

This comprehensive course combines in-depth learning with practical application to help you master vendor management in the banking industry. Expert-led lectures are broken into bite-sized lessons for easy understanding, and interactive exercises let you apply your knowledge to real-world scenarios. Enjoy personalized instructor support throughout the program to strengthen your expertise in managing vendor relationships and regulatory requirements.

7 Modules
9 Real-World Exercises
3 Quizzes Plus Final Exam
15 Hours to Complete
Laws, Regulations, Breaches, and Threats
  • Banking laws and regulations
  • Interagency third-party risk management guidance
  • Other cybersecurity standards and their role in vendor management
  • Vendor threats and the evolving cybersecurity landscape
  • Quiz: Test your knowledge
Information Security Program and Risk Assessment
  • Information security program components
  • IT risk assessment and vendor risk management
  • Quiz: Test your knowledge
Vendor Risk Assessment and Classification
  • Vendor risk assessment
  • Categorizing and classifying vendors by risk level
  • Exercise: Vendor risk assessment
  • Quiz: Test your knowledge
Vendor Selection
  • Vendor selection regulations and guidelines
  • Models to manage risk
  • SOC reporting, bridge letters, and CUECs
  • Shared assessments, ISO 27001, and PCI
  • Questionnaires, onsite visits, and other assessment tools
  • Exercise: SOC review
  • Vendor selection process, results, and reporting
  • Exercise: Vendor selection
Ongoing Vendor Management
  • Ongoing vendor management rules and regulations
  • Ongoing vendor management process and required documentation
  • Exercise: Contract review
  • Models to manage risk and vendor breach monitoring
  • Vendor management results and reporting
  • Exercise: Question sets
  • Fourth-party management
  • Exercise: Ongoing vendor management
Creating a Dynamic Vendor Management Program
  • Vendor management programs
  • Exercise: Build a vendor management program
  • Tying vendors to business continuity planning
  • Dynamic vendor management programs
  • Shortfalls of vendor management
  • Exercise: Dynamic vendor management
IT Audit and Exam Preparation
  • IT audit and exam preparation
  • Exercise: Audit and exam preparation
  • CBVM exam prep
Final Exam
  • Comprehensive final exam

Learning Objectives

By the end of this course, you will earn the designation of Certified Banking Vendor Manager and a certificate of completion. Throughout the program, you will:

  • Become a trusted expert in vendor management in the eyes of your auditor or examiner
  • Alleviate some of the stress of vendor management by designing an effective, time-saving process
  • Develop a clear understanding of vendor breaches, laws, and regulations
  • Implement a vendor selection and review process with confidence
  • Comply with FFIEC external dependency management guidelines
  • Assess and classify vendor risk based on criticality and exposure
  • Review and evaluate SOC reports as part of vendor due diligence
  • Structure vendor contracts with appropriate safeguards and expectations
  • Monitor vendor performance and manage ongoing third-party risk
  • Build a dynamic, sustainable vendor management program for your institution
  • Prepare for IT audits and regulatory examinations with confidence

Audience

This program is designed for banking professionals responsible for managing third-party vendor relationships and ensuring regulatory compliance. Ideal participants include those overseeing vendor selection, contract management, risk assessments, and ongoing vendor monitoring within their institutions.

Recommended Roles:

  • Information security officers
  • IT managers and administrators
  • Compliance officers
  • Security officers
  • Operations officers
  • Auditors
  • Risk management specialists
  • Professionals new to vendor management responsibilities

Laura Zannucci CISA, CISM, CRISC, CDPSE

SpeakerBioPhotos_Laura

Laura Zannucci is the audit manager at SBS CyberSecurity. Laura maintains her Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Data Privacy Security Engineer (CDPSE) certifications. She received her Bachelor of Science in Business Administration from the University of Tennessee at Chattanooga and is a graduate of the Southeastern School of Banking.

Laura has been involved in the financial services industry since 1993, serving in a variety of roles, including information security officer, internal auditor, and deposit and loan operations manager. She joined the SBS team in 2015 with an extensive background in banking information security practices.

Laura is passionate about helping organizations identify and understand cybersecurity risks, allowing them to make better, more informed business decisions. She is excited about sharing her knowledge through speaking engagements, webinars, and trainings.

Enroll

Pick a cohort or get started on-demand. All sessions are instructor-led, and all assignments are expert-reviewed.

May 12, 2026
10-week session ends July 21
Aug. 11, 2026
10-week session ends Oct. 20
Nov. 10, 2026
10-week session ends Jan. 19
On-Demand
Start today with 10 weeks to complete
Want to Save?
Members enjoy $100 off certifications, $50 off SBS webinars, and exclusive invitations to member-only quarterly Cyber Report webinars.
Become a Member