Third-Party Risk Management

The global pandemic dramatically increased the magnitude of third-party risk, as well as the need to manage it. Third-party risk management (TPRM) has become a board level concern across industries. And not surprisingly, managing risk rose to the top spot on the agenda for both procurement and supply chain executives in The Hackett Group’s 2022 Key Issues Study. How sound is your approach to third-party risk management?

Where many companies fall short

In our 2021 Third-Party Risk Management Performance Study, about 50% of companies said they still rely on spreadsheets and email to manage third-party risk. More than half of organizations admitted to taking a reactionary approach rather than trying to get ahead of the problem. And only 20% monitor business risk continuously.

Growing complexity requires more diligence

Multiple risks

  • Supply chain
  • Financial
  • Location-based
  • Reputational
  • Regulatory
  • Information security
  • Corporate responsibility
  • Quality
  • Catastrophic events

Multiple regulators

SEC, DOJ, OCC, FRB, NYDFS, OSFI, CFPB, FDIC, MAS, HKMA, FFIEC, Office of Thrift, FCA, SFO, NCUA, ECB, FHFA, etc.

Complex relationships

  • Third Party IT services company
  • Relationship Outsourced payroll processing
  • Subcontractor Data center backup
  • Subcontractor Courie service

Our comprehensive and continuous approach

Our TPRM approach – built on business best practices – establishes technology-enabled capabilities that stand up in today’s complex risk environment. It starts with robust diligence before before a third party begins doing business with your organization – and then establishes continuous monitoring and management throughout the relationship.

Our third-party risk management services include:

  • Assessment – Evaluate current processes – from initial onboarding to monitoring and recertification – and identify gaps to top performance.
  • Transformation and optimization – Introduce business best practices around governance, people, and processes and work with you to prioritize initiatives.
  • Technology selection – Determine business, functional, and technical requirements and use them to guide the selection process.
  • Implementation – Deliver best-in-class results from TPRM technology, using a proven, iterative implementation approach.

We look beyond technology to the policies, processes, governance, organization, and other dimensions that drive effective third-party risk management. In other words, we make sure your organization uses today’s best tools to manage business risk, better and more efficiently.

Access our unparalleled intellectual property and proven performance improvement accelerators. This includes our proprietary Third-Party Risk Management Playbook to implement faster and realize the value sooner.

Our experienced sourcing and procurement professionals have years of experience, with deep insight into the evolving array of third-party risks that affect global organizations.

Our established partnerships mean more value, delivered faster

Coupa
ServiceNow
Prevalent
SAP Ariba
Aravo