Effective 3rd Party Management Workshop

GRC 20/20 Workshops provide interactive training to groups of people on a range of GRC topics. These workshops provide a collaborative learning environment in which the attendees will be guided through lectures, problems, activities, and discussion.

GRC 20/20 can be engaged to deliver workshops internally to organizations as well as sponsored by GRC solution providers for their clients and prospects. GRC 20/20 regularly teaches the following workshops throughout the world in 1/2-day, full-day, and multi-day formats . . .

No company is an island unto itself: Organizations are a complex and diverse system of business relationships. Risk and compliance challenges do not stop at traditional organizational boundaries. Organizations today struggle to identify, manage, and govern extended business relationships as they stand in the shoes of their vendors, partners, suppliers, and relationships. Business partner problems and issues are the organizations problems that directly impact the organization’s brand and reputation. When questions of business practices, compliance, and controls arise, the organization is held accountable, and it must ensure that business partners behave appropriately.

Risk, regulatory, and business environments are in a constant state of change. Extended business relationships — supply chain, value chain, vendors, service providers, outsourcers, and contractors — cannot be left to themselves. Business relationships must comply with regulatory requirements, corporate and regional cultures, codes of conduct, statements of social responsibility and sustainability, policies, risk limits and controls, and other business practices. Anything that impacts business relationships can taint the organization’s brand — such as child labor, quality issues, fraud, privacy violations, or other misconduct. Procurement, and other parts of the business, tend to look at the formation of a business relationship and fail to foresee issues that can cascade and cause severe damage to reputation, and exposure to legal and operational risk throughout the ongoing relationship itself.

Organizations struggle with consistent processes to manage 3rd party risk and compliance. Business needs defined processes, information, frameworks, and technology to effectively and efficiently manage 3rd party extended business relationships. The goal is to enable business agility by providing defined and integrated accountability processes that can manage risk and compliance in the context of business change across business relationships. A clearly defined approach to managing risk and compliance across extended business relationships requires a consistent lifecycle and program supported by a common information and technology architecture.

 

  • Risk Managers
  • Compliance Officers/Managers
  • Corporate Social Responsibility/Accountability
  • Procurement
  • Supply Chain Management
  • Vendor Management
  • Legal
  • IT/Information Security
  • Business Operations

  • Disarray of 3rd party management
  • Understand regulatory and risk issues in 3rd party/vendor management bearing down on organizations
    1. Supply chain/vendor Code of Conduct and policies
    2. Social Accountability/International Labor Standards
    3. Conflict Minerals
    4. Anti-Brbiery & Corruption
    5. Security
    6. Privacy
  • Roles & responsibilities in 3rd party management
  • 3rd party risk Assessment
  • 3rd party audit and inspections
  • Effective 3rd Party Management Lifecycle
    1. Understand regulatory and risk issues in 3rd party/vendor management bearing down on financial services organizations
    2. Conduct initial and ongoing due diligence in 3rd party and vendor relationships
    3. Protect the organization through communication of policy and requirements across 3rd party relationships
    4. Assess and score 3rd party/vendor risk
    5. Resolve issues before they grow out of control
    6. Provide oversight and reporting of vendor/3rd party relationships
  • How 3rd party management solutions deliver effective, efficient, and agile 3rd party management processes
  • Relationship of 3rd Party Management to Other Areas of GRC

No comments yet.

Leave a Reply