Dedication To Excellence

Commitment to customers is at the heart of New York Life Insurance Company. Since 1845, New York Life has delivered on its promise by investing wisely and managing strategically remaining true to its mission of helping individuals and families “protect and prosper.”

As a valued member of Shared Assessments, New York Life’s Enterprise Resilience and Risk Management team is no exception to this dedication. This team, consisting of Third-Party Risk Management (TPRM), Corporate Resilience and Corporate Insurance departments, has responsibility for advisory/assurance, key performance and risk indicator metrics, concentration risk and issues management.

Leveraging Resources

TPRM touches all aspects of an organization. It plays a vital role in aiding businesses by identifying, assessing, monitoring, and mitigating risks linked with vendor relationships throughout their entire lifecycle, from initial onboarding through offboarding.

Since its inception, around 5 years ago, TPRM at New York Life Insurance has “built the foundation to enable a wide range of capabilities to advise and support the needs of our business partners.”

Chris Hernandez, Head of Program Oversight, Risk & Controls, and Nic Gavalas, Senior Associate, Operational Risk Management, are two pioneers in the Risk Management space and integral parts of New York Life’s Enterprise Resilience team.

New York Life’s TPRM team makes it a priority to stay connected and informed by being an active member of Shared Assessments. Chris Hernandez shares that

“the Shared Assessments member network and information sharing has been invaluable for our program” and membership assists in “staying abreast of what the latest is in the industry.”

Products When Possible

Hernandez and Gavalas emphasize that as they further mature their TPRM program, their team looks to incorporate and reference Shared Assessments products wherever possible. In particular, New York Life utilizes the Standard Information Gathering (SIG) Questionnaire because of its

“standard approach and coverage which has been instrumental in providing the foundation for a robust third-party information security and business resilience assessment program and assess risks associated on behalf of our business partners,” says Hernandez.

Continuous Improvement

In addition to leveraging the SIG, several individuals on New York Life’s TPRM team hold either the Certified Third Party Risk Professional (CTPRP) and Certified Third Party Risk Assessor (CTPRA) certifications from Shared Assessments. Gavalas is a CTPRP holder and Hernandez recently took the CTPRP course Shared Assessments’ annual TPRM Summit.

Hernandez highlights that “the CTPRP helps you grow and makes you stand out from the rest of the pack. It gives insights and perspectives on different ways to continuously improve all aspects of your TPRM program.”

New York Life’s Enterprise Resilience and TPRM teams take full advantage of Shared Assessments’ membership offerings: thought leadership, products for the vendor lifecycle, education, committees, and the TPRM Summit. Being an active Shared Assessments member allows New York Life to enhance processes, become more agile, solve business needs, and stay up to date.

Keeping Your House In Order

Hernandez says, “Seeing and learning how our third parties ‘keep their house in order’ while ‘protecting our house’ is something that always fascinated me.” In the context of TPRM, “keeping your house in order” is no small feat. It requires a proactive and resilient approach to assessing, managing, and mitigating risks associated with third-party vendors and relationships.

Just as a well-maintained house provides security and stability for its occupants, a disciplined approach to TPRM allows organizations to navigate the complexities of the evolving risk landscape. By effectively managing third-party risks and building a resilient TPRM program with the support and structure of a Shared Assessments membership, organizations (such as New York Life Insurance) can safeguard against potential disruptions and ensure continued operational resilience.

Through continuous vigilance, proactive risk management, and a commitment to excellence, TPRM programs and teams can better “keep their house in order,” laying the foundation for sustained success.