Menu Close Menu

Menu

Account
Premium

Best Practices for Tracking Third Party Risks

Watch Webinar Recording Download Slides

View original event info

A recent Thomson Reuters survey report entitled “Third Party Risk: Exposing the Gaps” indicates that 62 percent of survey participants perform initial third party due diligence (usually only for defined higher risk tier parties), but only 36 percent are...

A recent Thomson Reuters survey report entitled “Third Party Risk: Exposing the Gaps” indicates that 62 percent of survey participants perform initial third party due diligence (usually only for defined higher risk tier parties), but only 36 percent are monitoring for changes to the risk profile once third parties are put in place.

When asked what prevents them from taking steps to detect ongoing risks, participants define several key challenges, with the most significant being lack of data and resource constraints. So, many choose to put controls in place and only update the risk assessment annually by using one external source of information, such as a database that tracks sanctions and watch lists. Others simply rely on annual self-certification renewals or audits for higher-risk parties.

But there isn’t such a clear end point for due diligence when we are talking about vetting third parties who will continue to present risks even after they are brought on board. A limited annual review is not sufficient to satisfy today’s best practices and may lead to liability when risks aren’t timely identified and managed. Changes in data, technology and automation have turned third party risk management on its head. Emerging threats such as cyber security, geopolitical challenges, and ever more opaque webs of related entities make the need for a holistic risk profile greater than ever before.

In this webinar, we will review the best practices your organization should have in place to ensure ongoing, integrated due diligence of your third party risks.

Learning Objectives:

  • Demonstrate the limitations of doing only basic due diligence
  • Outline the key stages of third party risk oversight and ongoing monitoring
  • Define the benefits of using an integrated technology that analyzes multiple data sources for continuous due diligence efforts

Presenters:

  • Kevin Bogdanov, Director of Market Development,Customer and Third Party Risk,Thomson Reuters
  • Dave Castrucci, CEO, 319 Insights
  • Vishal Verma, Director, Solution Management, SAP GRC

Moderator: Jason Mefford, OCEG

Featured in: Third Party Management

Related Resources
Back to top
OCEG © 2002 - 2024 OCEG

Terms of Service

Privacy Policy

support@oceg.org

Contact Us

Information & Billing:
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.