A successful information security program is built on the bedrock of risk management. One major area of digital risk comes from the University’s relationship with third parties. Digital risk management includes the identification and treatment of risk in information assets as well as allocation of resources necessary to treat risk. In this session, we will discuss digital risk at the University with a focus on third party risk management, the frameworks behind risk management, and the role that the greater IT community can play in risk management.