Click through articles on business resilience and you’ll find more Three Little Pigs analogies than you can shake a straw, stick or brick at. The comparison makes sense from a strategic perspective: the more expertise, money and care an organization invests in building a sound risk management structure, the more resilient it is likely to be in the face of threats that come knocking.
From a third-party risk management (TPRM) standpoint, however, the Three Little Pigs correlation is decidedly incomplete. To suffice, the fable would require major updating to reflect what TPRM teams contend with as they help strengthen organizational resilience. For starters, each pig would need to monitor an ever-expanding set of third-party contractors whose products and services have a direct impact on their house’s ability to withstand breaches from a growing horde of big bad wolves wielding a variety of attack methods. Many C-suites and boards have similarly incomplete understandings of third-party risks, as well as the investments and work required to monitor and mitigate those risks.
Fortunately, TPRM leaders have a prime opportunity to close this knowledge gap given senior leadership’s current focus on bolstering business resilience in the wake of a global pandemic that laid bare risk-management weaknesses. One way to do so is by understanding how TPRM aligns with, and relates to, current business-resilience trends garnering senior leadership attention: