Involving Procurement White Paper

Building Best Practices Involving Procurement.

Working closely with Procurement can help provide all stakeholders with a level of assurance that third parties are appropriately vetted and monitored

Business lines within a given organization share many common service needs and risk profile concerns. Tangible gains in risk posture and third party risk management (TPRM) efficiency can be achieved over the long-term by applying a standardized governance model that uses proven tools and centers around Procurement from the outset of a third party relationship. Not only does Procurement bring a body of knowledge to the table that can be leveraged; adding Procurement to the process from the outset allows stakeholders enterprise-wide to collectively establish a standard internal framework for handling third parties. An integrated approach consolidates third party onboarding processes, naturally resulting in better risk management controls, as risk ranking and negotiations take place in a consistent manner that aims to achieve common goals. This allows every department to remain advised of goals and objectives, so that they can each contribute the necessary elements to ensure that requests for proposal (RFPs) and contract negotiations include elements of good risk management hygiene throughout the process. This white paper provides guidance on building such a framework. Recommendations include:

  • Business units should partner with Procurement to achieve economies of scale and risk mitigation.
  • Adopting methodologies that align with industry best practices, as well as regulatory requirements, allows for the most effective evaluation of a given third party’s controls.
  • To ensure the process is practical, sustainable and defendable, four guiding principles apply to developing a holistic framework of standards for vetting and onboarding third parties: consistency, objectivity, balance and management oversight.

To obtain a copy of this paper, please complete the form below. A download link will be sent upon receipt of submission to the email address provided. 

  • This field is for validation purposes and should be left unchanged.

Shared Assessments Licensee ControlCase
Shared Assessments Logo pwc
Shared Assessments Logo dtcc
Shared Assessments Licensee-Copytalk
Shared Assessments Logo radian
Shared Assessments Licensee Power Advocate
Shared Assessments Logo usbank
Shared Assessments Licensee TD Ameritrade
Shared Assessments Licensee ZS logo
Shared Assessments Logo Deluxe Corp
Shared Assessments Logo Iron Mountain
Shared Assessments Licensee Bank of the West
Shared Assessments Logo first data
Shared Assessments Licensee Lockpath
Shared Assessments Logo Deloitte
Shared Assessments Licensee ctg
Shared Assessments Logo sei
Shared Assessments Logo yodlee
Shared Assessments Licensee Pivot Point Security
MetricStream logo
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Licensee Protiviti
Shared Assessments Logo Ernst & Young
Shared Assessments Licensee Identity Theft 911
intralinks-logo
Shared Assessments Licensee Rsam
Viewpoint Logo