Third-party Risk Management

An end-to-end managed service solution for your extended enterprise

A typical Fortune 500 organisation may use more than 100,000 external third-parties (for example, vendors, suppliers, service providers, and outsourcers) to meet its business objectives and stay competitive. With a significant reliance on an interconnected network of third-party relationships (typically known as the “extended enterprise”), there is increased exposure to a growing portfolio of risks, cost, performance, and regulatory pressure. Deloitte’s Third-party Risk Management (TPRM) managed service is a first-of-its kind, leading-edge solution that efficiently manages the risks associated with third-parties while driving cost and revenue recovery through TPRM operations.

Explore Content

The TPRM managed service: An optimised approach to risk management

The TPRM solution is an end-to-end managed service that streamlines the entire TPRM process, from third-party engagement/initiation and selection through contracting negotiations and ongoing monitoring. The TPRM managed service solution includes: 

  • Third-party screening: The use of advanced analytics and artificial intelligence (AI) to collect and examine data from the internet and proprietary databases to identify risk indicators.
  • Background checks: Comprehensive checks, including detailed research into companies, key individuals, and ultimate beneficial owners.
  • Third-party questionnaires: Collection and analysis of data from the third-party regarding its control environment (such as policy, process, and capability). Deloitte's questionnaires meet regulatory expectations.
  • On-site inspections: On-site, detailed assessments of the third-party’s control environment. These inspections are performed by experienced professionals with risk domain expertise.
  • Monitoring: Ongoing analysis (using data analytics and AI) of various data sources to identify any emerging or new issues regarding in the third-party portfolio.

Key contacts

Candice Holland

Candice Holland

Director: Risk Advisory Africa

Candice has 15 years’ experience and leads the Regulatory Risk capability within Risk Advisory Africa, providing regulatory solutions to both the private and public sectors. She has regulatory complia... More

Nombulelo Kambule

Nombulelo Kambule

Associate Director: Risk Advisory Southern Africa

Nombulelo is an associate director in Risk Advisory and leads Deloitte Africa’s Extended Enterprise Risk Management (“EERM”) team. Nombulelo is a third party risk management subject matter expert and ... More