Integrating Third Party Risk Management in Procurement Process and ERM

Risk exposure is indiscriminate, and risks arising from third-party relationships such as vendors and suppliers are a significant corporate and regulatory concern. Regulatory authorities have provided guidance on the responsibility of enterprises to understand, manage and monitor their third-party vendor relationships. Self-certification vendor management programs are generally no longer sufficient to meet regulatory expectations. Rather, a robust and active vendor monitoring program is the requirement.

New suppliers and technology advancements bring opportunities to take risks that can be positive for a business. However, economic or environmental events can bring an industry to a halt. Even established suppliers may be hurting due to the latest cyber attack, hurricane or recession.

Do you assess your suppliers? Do you?
Do you? Know what the potential risks inherent in vendor relationships are and how to mitigate them.
Do you? Know what the risk is to the customers if there is a privacy breach.
Do you? Know how a loss of outsourced services or a breach of systems would impact our ability to operate.
Do you? Ask for evidence or documentation proving the company’s standards in areas of concern to your business.

Knowing is Important! Very Important!!
Knowing that your vendor relationships are complying with the agreements in place is important.
Knowing how dependent your third parties are on subcontractors and sub-servicers.
Knowing that the reports you rely on from third-party vendors are accurate.

Embedding Governance and Security in Procurement Process and Vendor Contracts is Vital! Act on it… intiGrow helps clients answer these questions, comply with regulatory guidance, and implement industry best practices to monitor and report risks.

For any further questions please email us and we can go over your vendor risk metrics.
