Third-party Risk Management
An end-to-end managed service solution for your extended enterprise
A typical Fortune 500 organization may use more than 100,000 external third-parties (for example, vendors, suppliers, service providers, and outsourcers) to meet its business objectives and stay competitive. With a significant reliance on an interconnected network of third-party relationships (typically known as the “extended enterprise”), there is increased exposure to a growing portfolio of risks, cost, performance, and regulatory pressure. Deloitte’s Third-party Risk Management (TPRM) managed service is a first-of-its kind, leading-edge solution that efficiently manages the risks associated with third-parties while driving cost and revenue recovery through TPRM operations.
The TPRM managed service: An optimized approach to risk management
The TPRM solution is an end-to-end managed service that streamlines the entire TPRM process, from third-party engagement/initiation and selection through contracting negotiations and ongoing monitoring. The TPRM managed service solution includes:
- Third-party screening: The use of advanced analytics and artificial intelligence (AI) to collect and examine data from the internet and proprietary databases to identify risk indicators.
- Background checks: Comprehensive checks, including detailed research into companies, key individuals, and ultimate beneficial owners.
- Third-party questionnaires: Collection and analysis of data from the third-party regarding its control environment (such as policy, process, and capability). Deloitte's questionnaires meet regulatory expectations.
- On-site inspections: On-site, detailed assessments of the third-party’s control environment. These inspections are performed by experienced professionals with risk domain expertise.
- Monitoring: Ongoing analysis (using data analytics and AI) of various data sources to identify any emerging or new issues regarding in the third-party portfolio.
This third annual survey report looks at how global organizations are putting a renewed focus on enhancing EERM amid increasing dependence on third-parties. It also highlights six key areas where most organizations need improvement.