Third-Party Risk Management


Increasing The Quality & Efficiency Of Your Vendor Risk Program

Companies that outsource are effectively extending their enterprise to include the services of the third parties with whom they’ve contracted. While wholesale failure of third-party services is fairly rare, gaps in control performance are not. This is why leading enterprises seek to assess and manage.

Vendor Manager's Guide to Risk Reduction

Once you understand how a particular vendor’s risks might impact your business, you have to make a choice:

  • Agree to bear the risk that has been identified;
  • Reject the vendor and look for another that can meet your needs; or,
  • Collaborate with the vendor to remediate the risk and help the company become a more suitable business partner.

Remediation consists of a management program in which you present your vendor with a list of findings or deficiencies then work together to develop a plan to address those shortcomings with a schedule for completion. Ideally, you and the vendor will work together to determine when and how you will put the controls in place.

A key aspect of any vendor relationship, remediation acts as a two-way street that allows you and your vendor to learn about each other’s business practices and to gauge how much each is willing to invest in a mutually beneficial partnership.

© ProcessUnity. All rights reserved. Privacy Policy