Store Home Board & Committees
Certified Regulatory Vendor Program Manager (CRVPM®) Level IV course (online)

Your Price:
  • This course and certification is provided by the Compliance Education Institute.

    This course focuses on the Business Continuity Management (BCM) component of vendor management. Using BCM’s strategic and risk-based approach to ensuring business resilience in order to minimize disruptions and the associated losses.

    This course describes how utilizing multiple inter-related programs, plans, analyses and assessments helps the enterprise understand its gaps and exposures and prepare for the constantly changing global business environment.

    The COVID-19 pandemic has caused everyone to rethink how to prepare for high impact events that carry nearly no advance warning and that have far-reaching, long-term effects and consequences for many, including our customers, business partners and the third party risk management ecosystem.

    Who should attend

    This course is beneficial to compliance professionals, senior executives, and those who manage 3rd party relationships.

    Prerequisite for this course: CRVPM® Level 1, 2, & 3

    The Certified Regulatory Vendor Program Manager (CRVPM®) Level IV Advanced course focuses on Business Continuity Management (BCM) with emphasis on the updated FFIEC Guidance.

    Level IV addresses the following:

    1. Business Continuity Management and Resilience

    • BCM Components
    • Business Resilience Components
    • BCM & Risk
    • BCM Governance
    • BCM Audit

    2. Business Impact Analysis (BIA) and Risk Assessment (samples and scorecard included)

    • The importance and benefits of conducting BIA’s
    • How To Conduct a BIA (with template)
    • Conducting a risk assessment (scorecard included)
    • Recovery Point Objective - RPO
    • Recovery Time Objective: RTO
    • Maximum Tolerable Downtime
    • Backup Site Options

    3. Business Continuity Planning

    • Issues Driving Change
    • Benefits of a Sound BCM Program
    • Regulations
    • Training
    • Testing

    4. Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning

    • Crisis Management Planning Components
    • Incident Response Plan vs. BCP • Incident Response Plan Components
    • Incident Types and Severity Levels
    • Disaster Recovery Plan – What is It, Why We Need It
    • DR vs. BCP
    • Components

    5. Pandemic Planning

    • Pandemic vs. Epidemic vs. Endemic
    • Pandemic Planning vs. BCP
    • Components of a Plan
    • Current Lessons Learned from COVID-19

    About the presenter: Compliance Education Institute LLC

    Mick Kless is the founder and CEO of RISC Associates, a regulatory compliance consultancy and compliance automation tools developer, and Compliance Education Institute, the training and education division of RISC. He is a recognized industry expert on vendor management and the creator of the Certified Regulatory Vendor Program Manager (CRVPM) course. Mick has spent more than 30 years in financial services, has focused on GLBA 501(b) issues since 2001 and has specialized in vendor management regulatory issues since 2004. For course access questions, email

    Course length: 20 hours