![Original[1].png](https://static.wixstatic.com/media/27a8bd_bd0fa4386abe4700b87b1f5b823c0c22~mv2.png/v1/crop/x_0,y_300,w_3000,h_2400/fill/w_150,h_120,al_c,q_85,usm_1.20_1.00_0.01,enc_auto/Original%5B1%5D.png)
Managing Third Party Risk
Addressing Risks from Your Supply Chain and Third Parties
Working with third parties is a reality of business. From cloud storage to payroll, firms rely on vendors for business-critical functions. But any risk carried by third-party providers is the liability of the firm who hired them.
Agencies like the U.S. Department of Justice, Securities, and Exchange Commission, and Serious Fraud Office have increased their scrutiny on third-party risk management programs. They require organizations to continuously identify and manage risks throughout the relationship with their vendors, suppliers, contractors, and other third-party partners.
Vendor management includes more than just watching for bribery and corruption, however. Cyber security, data protection, and compliance with regulations like GDPR are the latest concerns for vendor management solutions – and the entire supply chain is included in the scope of vendor risk. Additionally, industry, geography, and relationship to the government add nuance to risk – but manual processes that worked for a hundred vendors can't be scaled as the firm grows. A practical third-party risk training, an effective onboarding, and enhanced due diligence are essential for stable growth.
Speak with one of our experts to help you get started
The training you buy will affect all the employees in your organization. Let’s get it right. Click the button, and we’ll ask you a few questions to suggest a course package that’s right for you.
What You Need
Risk-Based Approach
Organizational vendor risk management efforts based on your company’s unique risk profile.
Visual Training
Annual training that provides employees with a deeper level of understanding of working with third-parties, record keeping and due diligence.
Onboarding Process/Policies
Adequate policies and due diligence process to onboard, review, screen and monitor each third party in a consistent, trackable and time-efficient way.
Ongoing Monitoring
A simple way to identify and manage risk before it becomes an issue by consistently assessing the relative health of each of your third party relationships.
Report Intake & Management
Multiple methods for employees, customers and vendors to report fraud, including a whistleblower hotline
Defensibility
A system that captures, stores and retrieves important information about your supply chain and vendors.
Centralized Management
Shared access across the organization with uniform processes, reports and workflow for key stakeholders.
High Visibility
Access to information across locations and teams to consolidate and gain visibility into all third party activities.
Steps You Can Take to Build an Effective Third Party Risk Management Program
STEP 1
Define your organization’s risk based on industry, regulatory environment, number of third parties and other factors to define your risk profile.
STEP 2
Screen all of your third parties against your organization's risk profile, reports on adverse media, politically exposed people and sanctions lists.
STEP 3
Adequate policies and due diligence process to onboard, review, screen and monitor each third party in a consistent, trackable and time-efficient way.
STEP 4
Engaging and accessible visual information and training to educate your employees about administering, consolidating, and gaining visibility into all third party activities.