Third-party Governance and Risk Management

Overcoming the threats and uncertainty

Extended enterprise risk management global survey 2017

It's what we do that makes the difference

Third-party risk management in many organisation’s has continued to benefit from greater executive awareness; however significant changes in the external environment have slowed down progress in implementing holistic, integrated frameworks and risk management mechanisms over the last 12 months.

Despite this awareness, and some associated improvements in TPGRM, five key areas exist where further effort is required by most organisations:

  • Dependency and vulnerability
    Despite high dependency on third-parties, organisations are still not fully equipped to manage the risks in a holistic and coordinated manner, including those arising from external uncertainties.
  • Relationship management
    Understanding of third-parties is increasing but comprehensive, data-driven risk management and capability to predict emerging risks is still developing.
  • Governance and risk management processes
    Despite executive sponsorship there is still a long way to go to get processes and technology working effectively.
  • Technology platforms
    An integrated TPGRM technology platform that addresses the needs of every organisation has not emerged.
  • Emerging delivery models
    New delivery models are emerging (e.g. utility models, hubs) to better address the challenges of managing third-party risk

Our report looks at how global organisations are addressing the challenges they face in managing third party risk, as they face uncertainty in the external environment and develop various hybrid and innovative delivery models that enable the organisation to remain agile and competitive in the marketplace.

Previous reports

For many organisations, their third party ecosystem, or ‘extended enterprise’, is an important source of business value and strategic advantage. However, as the reliance on third parties continues to grow, so do the associated risks, bringing potential reputational damage and regulatory action.

Our experienced teams work with clients to develop governance frameworks which effectively identify and manage all forms of third party risks, looking at both process and technology solutions to deliver value and meet contractual obligations.

Did you find this useful?