Considerations in Selection of 3rd Party Management Solutions
The fastest growing segment of the GRC market is the demand for third party management solutions focused on the governance, risk management and compliance of third party relationships (e.g., supplier, vendor, contractors, broker, dealer, agent, outsourcer, service provider, . . . ).
The challenges is navigating the 130+ third party management solutions and understanding and differentiating capabilities. Some solutions focus on departmental third party issues such as information security, others focus on industry verticals, many focus purely on the due diligence process, many offer modules as part of broader platforms, and a few offer an end-to-end third party management capabilitity.
Whether for a department third party management need or to manage the range of third parties across the enterprise, third party management solutions are in demand. Recent RFP and inquiry trends that GRC 20/20 is involved with show a growing demand for integrated cross-department third party management solutions. Where there used to be just a few solutions to choose from there are now over 130 with vary capabilities and approaches. They offer varying breadth and depth of capabilities, and certainly no one offers a one size fits all solution. It has become a complex segment of the GRC market to navigate, understand, and find the solution(s) that is the perfect fit for your organization.
In this Research Briefing GRC 20/20 provides a framework for organizations evaluating or considering third party management solutions.
- Defining & Understanding 3rd Party Management
Definition, Drivers, Trends & Best Practices
- Critical Capabilities of a 3rd Party Management Solutions
What Differentiates Basic, Common, & Advanced Solutions
- Considerations in Selection of 3rd Party Management Solutions
Decision Framework & Considerations to Keep in Mind
- Building a Business Case for 3rd Party Management
Trajectory of Value in Effectiveness, Efficiency & Agility
The GRC Pundit will helps organizations . . .
- Define and scope the third party management market
- Understand third party management drivers, trends, and best practices
- Relate the components of what makes a third party management platform
- Identify core features/functionality of basic, common, and advanced third party management platforms
- Map critical capabilities needed in a third party management platform
- Predict future directions and capabilities for third party management
- Scope how to purchase third party management platforms in a decision-tree framework
- Discern considerations to keep in mind as you evaluate third party management solutions
This Research Briefing is aimed to assist . . .
- GRC professionals with the responsibilities to manage, audit, evaluate, and perform due diligence on the range of third party relationships in an organization
- GRC solution providers offering third party management solutions
- GRC professional service firms advising organizations on third party management
- GRC content & intelligence providers that provide third party databases, content and templates
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
©GRC 20/20 Research, LLC. All Rights Reserved.
No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of GRC 20/20 Research, LLC. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable but cannot be guaranteed and is subject to change. GRC 20/20 accepts no liability whatever for actions taken based on information that may subsequently prove to be incorrect or errors in analysis. This research contains opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does not provide legal advice or services and its research should not be construed or used as such.