Traditional brick and mortar business is a thing of the past: physical buildings and conventional employees no longer define organizations. The modern organization is an interconnected mess of relationships and interactions that span traditional business boundaries. Layers of relationships go beyond traditional employees to include suppliers, vendors, outsourcers, service providers, contractors, subcontractors, consultants, temporary workers, agents, brokers, intermediaries, and more. Complexity grows as these interconnected relationships, processes, and systems nest themselves in intricacy, such as deep supply chains. Today, business is interconnected in a flat world in which over half of the organization’s ‘insiders’ are no longer traditional employees. A haphazard department and document centric approach for third party management compounds the problem and does not solve it. It is time for organizations to step back and define a cross-functional and coordinated strategy and team to define and govern third party relationships.

Adobe is a case in point on the value of a third party management platform. Adobe had several departments governing aspects of third parties in different ways.  For quite some time Adobe had the vision to move to a single integrated third party management platform that could consolidate the diverse processes and information for onboarding third-parties and manage risk and compliance throughout the relationship. Adobe evaluated four solutions in the RFP and Aravo was chosen to be Adobe’s third party management platform. Aravo provided a single solution with one consistent workflow to meet the range of third party management needs across Adobe. GRC 20/20 has evaluated and verified the implementation of Aravo at Adobe and confirms that this implementation has achieved measurable value across the elements of GRC efficiency, effectiveness, and agility. In this context, GRC 20/20 has recognized Aravo and Adobe with a 2016 GRC Value Award in the domain of Third Party Management.

1. Growing Risk & Regulatory Exposure in Third Party Relationships
   • Inevitable Failure of Silos of Third Party Governance
2. Adobe: Value Achieved in Third Party Management
   • The Challenge Adobe Faced
   • Solution to Adobe’s Problem
   • Adobe Achieved Value in GRC Efficiency, Effectiveness, and Agility
     • GRC Efficiency Value
     • GRC Effectiveness Value
     • GRC Agility Value
3. GRC 20/20’s Final Perspective
4. About GRC 20/20 Research, LLC
5. Research Methodology

Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.