Third-Party Risk Management Third-Party Risk Management Third-Party Risk Management

The potential benefits of a third-party network can also come with a host of risks. As the global marketplace grows more complex and competitive, third-party relationships become increasingly crucial to decreasing costs, managing risks, enhancing customer experiences, hastening speed-to-market, and improving value and profitability. Without reliable and reputable third-parties (i.e. vendors, suppliers, distributors, and contractors — in addition to brokers, agents, resellers, and contract manufacturers), businesses cannot compete with more dynamic organizations in their industry; and by inviting these entities into an organization’s network, they may also be opening the door to unwelcome risks.

Legal and regulatory compliance, information security / cyber-security, business continuity, strategic, financial viability, and reputation risks represent a range of topics that may present surprises if not properly assessed or evaluated to properly manage the respective risks to an organization.

The KPMG Third-Party Risk Navigator has been developed to bring together the key components of an effective Third-Party Risk Management (TPRM) program while considering their sequencing and interconnectivity. The KPMG Third-Party Risk Navigator focuses on two key sections:

1. Program Oversight: What is considered in an organization’s third-party risk program in order to address potential third party risks?
2. Process Oversight: What are the processes in handling third parties within an organization in order to mitigate potential risks?

Behind our third-party risk maturity assessment sits established US and European regulatory guidance, industry standards and market-wide knowledge of third-party risk maturity.

The KPMG Third-Party Risk Navigator is designed to bring clarity to the actions required to enhance a TPRM program by identifying possible risks and weaknesses as well as seeking to improve efficiencies.