Gaining ground: A digital path to third-party oversight

Third-party risk management (TPRM) global survey 2021

Participation in Deloitte's global survey on Third-Party Risk Management ("TPRM") has grown over the past six years to a record high of 1,170 responses from more than 30 countries in 2021.

Explore key findings from the sixth edition of the survey to understand in detail the current trends and companies' challenges relating to TPRM, including the impact of the global pandemic and of digital advancement.


Our key findings

1. Many organizations are still responding to the global pandemic

Organizations are taking longer than expected to respond to the pandemic, which has slowed their ability to recover and thrive.  Many companies aspired to increase the maturity of their TPRM practices after assessing the full range of their vulnerabilities to their third-parties.  Those that underinvested in TPRM faced more high-impact third-party incidents than those that did invest.

2. Risk intelligence is a key funding priority

The focus on technology-enabled risk intelligence provides a more immediate opportunity for organizations to adopt more integrated and effective TPRM practices, in particular with respect to real-time monitoring of third-parties.

3. Digital risks are a top concern

Digital risks, arising from increasingly digitized ways of working, are a top emerging concern, as respondents recognize the undesirable aspects of technology adoption and transformation.

4. Cost pressures are preventing insourcing

Many organizations still feel significant pressure to save costs by continuing to outsource business activities, even when they have credible concerns about process failures or loss of control that can result from outsourcing.


How we help our clients

We help many organizations manage the critical risks associated with their third-party relationships through a wide range of service offerings.

We assist organizations with assessing the capability of their existing TPRM practices and with developing bespoke TPRM frameworks (covering governance, people, process and technology) to manage third-party risk and realize potential value in their extended enterprises. 

Our experienced team also advises on third-party risk, contract and performance management, as well as technology to enable and implement third-party management practices. 

We also support organizations with operating different elements of the third-party risk management lifecycle on their behalf, through our global managed services solution.  This covers all aspects of third-party management activity, including third-party selection, contracting, monitoring and exit, making use of technology tools (i.e. contract discovery, contract clause extraction and risk sensing).

Please download our 2021 global third-party risk management survey for more information. 

If you would like to discuss third-party risk management, please get in touch with one of our specialists below.


Get in touch

Hugh Gozzard
Partner –
Extended Enterprise Risk Management
Risk Advisory
Tel:  (852) 2852 5662


Pence Peng
Partner –
Strategic Risk Leader
Risk Advisory
Tel:  (86) 10 85125347


Golden Liu
Partner –
Extended Enterprise Risk Management Leading Partner
Risk Advisory
Tel:  (86) 10 85125309

Previous TPRM survey reports

Third party risk management survey – 2020
Be responsible and effective

Deloitte’s fifth annual third party risk management (TPRM) survey showed that for the first time in five years, a desire to be a responsible business that effectively manages environmental and social issues throughout its supply chain is a key reason companies invest in TPRM.


Third party risk management survey – 2019
All together now

Deloitte’s fourth annual third party risk management (TPRM) survey shows there is renewed focus on maturing TPRM practices within most organisations. This appears to be driven by a recognition of underinvestment in TPRM coupled with mistrust of the wider uncertain economic environment.


Third party risk management survey – 2018
Focusing on the climb ahead

Deloitte’s third annual third party risk management (TPRM) survey aims to capture improvements in maturity of TPRM frameworks with a specific focus on the business case and investments in TPRM.


Third party risk management survey – 2017
Overcoming the threats and uncertainty

Deloitte’s second annual third party risk management (TPRM) survey covers a number of issues that span the management of the extended enterprise and related risks in a rapidly changing environment.


Third party risk management survey – 2016
The threats are real

The survey results show that investment by organisations in third party risk management (TPRM) has increased year on year and that organisations are implementing or refining their TPRM processes and frameworks.

Did you find this useful?