Fans of the story, Alice in Wonderland, will remember how the Cheshire Cat answered Alice when she asked him which way to go. He answered, “If you don’t know where you are going, any road will get you there.” What the Cheshire Cat meant was if you lack an objective, then you have no destination in mind; if there is no purpose there is no goal.
The same can be said for third-party risk management (TPRM). When working with vendors, suppliers and other third parties, it is critical to define and agree on each relationship’s objectives and overarching goal (i.e., the “destination”) from the start. Following TPRM best practices during the due diligence and onboarding phases can help you predict whether a new third party is capable of delivering against their objectives – and hopefully avoid major headaches down the road.
Once you begin any journey, it’s important to regularly check your bearings to make sure you are on the right course. Unfortunately, many third-party relationships fail to reach their objectives after the initial contract is signed. To stay on track, it’s critical to monitor each vendor’s performance against objectives and service level agreements (SLAs) throughout the relationship.
5 Steps to Continuously Manage Vendor Performance and SLAs
Here are some practical steps for managing vendor performance and SLAs to ensure productive, secure, and lasting third-party relationships . . .
[THE REST OF THIS ARTICLE CAN BE FOUND ON THE PREVALENT BLOG WHERE GRC 20/20’S MICHAEL RASMUSSEN IS A GUEST AUTHOR]