Third-Party Risk Management: A Practical Guide
Linda Tuck Chapman, C3PRMP
Management of a third-party relationship is no different than how organizations manage internal processes, with compliance monitoring, procedures, and business continuity plans. It requires cooperation, partnership, agreed-upon performance expectations, and a shared desire for preparedness so the appropriate oversight can be provided. In an increasingly complex world, it is critical that third-party risk and relationship management practices constantly evolve to remain relevant and embrace tools such as scenario planning to ensure readiness for potential future threats.
It’s a tough challenge operating at the speed of business while satisfactorily managing complexity and risk across the extended enterprise. But this is exactly what customers, shareholders, regulators, and lawmakers demand.
Organizations everywhere operate within their risk appetite only when they identify and control risk. The use of third parties exposes them to many distinct types of strategic, operational, reputational, regulatory, and financial risk. Failure to recognize, mitigate, and manage these risks can cause significant harm and lead organizations to stray outside their risk appetite.
The global pandemic revealed some serious cracks in risk practices in many organizations. By visibly supporting proactive third-party risk management, business leaders can confidently make risk-informed decisions. Leaders who demonstrate risk-centric values and encourage their staff to do the right thing justifiably earn their loyalty, motivating them to protect the organization, customers, and shareholders.
This book complements Linda’s first book, Third-Party Risk Management: Driving Enterprise Value. It is a must-read for anyone interested in gaining a deeper understanding of third-party risk management and how to successfully treat and manage risk.
This book covers:
- Fundamentals of third-party risk management.
- Organizational alignment.
- Lifecycle management.
- Due diligence, evaluating controls, and risk ratings.
- Contracting and risk acceptance.
- Relationship management and risk monitoring.
- Roles and responsibilities.
- Risk oversight and governance.
About the Author
Linda Tuck Chapman, C3PRMP, is a recognized expert in third-party risk and relationship management. As President of Ontala Performance Solutions Ltd., she helps clients build strong third-party risk and relationship management practices. As CEO of Third Party Risk Institute, Linda delivers risk management certifications, global networking, and high-impact training to seasoned professionals around the world.