Put third-party risk first on the agenda

The risks are real and growing

Third-party risk management and governance are evolving challenges. Canadian companies, like their global counterparts, are using third-party vendors more and more. Where once this was largely a cost-trimming measure, vendors are now being engaged to deliver long-term value, such as by improving production efficiencies, augmenting in-house skills, or freeing the organization to focus on its core competencies.

Clearly, increasing your use of third parties—letting them access information and operate within your organization —carries with it some risk. Knowing this, however, is a far cry from mitigating it, especially given the speed with which today’s risk landscape is changing.

Not only are the types of risk expanding, the scope of potential impacts—from financial to reputational—is growing as well. One US retailer, for example, is facing losses that may top $80 million in a recent third party-related information breach. Many companies are feeling the pressure to quickly upgrade their external-provider risk management and governance processes.

Areas of concern for leaders
The Deloitte publication Third-party governance and risk management: The threats are real addresses a wide range of third-party risk topics. Featuring responses from leaders and management at over 170 organizations worldwide, the survey report provides perspectives on risk challenges in four key areas:

  • The third-party ecosystem
  • Managing third-party risk
  • Third-party governance 
  • Technology and delivery models

Third-party risk is greater, and changing faster, than ever before. To learn what global leaders are saying about it, and what actions you can take to protect your organization, read Third-party governance and risk management: The threats are real.

Did you find this useful?