The State of Third-Party Risk Management survey results of third-party risk professionals provides valuable insight into how organizations are managing the risks associated with doing business with third parties.
Venminder, a leader in third-party risk management solutions, revealed the results of their now fifth annual “State of Third-Party Risk Management Survey”. The survey of third-party risk professionals provides valuable insight into how organizations are managing the risks associated with doing business with third parties.
Read More: SiteSpect Bolsters Optimization With Experimentation, Targeted Rollouts Solution
Third-party risk management was very much tested as an operational risk mandate, rather than simply a regulatory requirement in 2020. The pandemic pushed organizations to be more innovative, work remotely and rely more heavily on outsourced practices. The (still ongoing) COVID-19 pandemic has validated for many that third-party risk management is not just a regulatory issue, but a practical real-world consideration.
Key findings from the survey include:
- Having enough internal resources is currently the #1 vendor management challenge
- Sixty-nine percent have updated their vendor management policy in the last 12 months
- Forty-six percent have between 1 and 2 employees dedicated to third-party risk management
- Eighty percent have a formal process in place to determine criticality for all new vendors pre-contract
- Sixty-eight percent classify 10% or less of their current number of vendors as “business critical”
- Seventy-six percent have formal risk assessment processes in place to determine inherent risk and residual risk for all new vendors pre-contract
- Seventy-five percent review/analyze high-risk or critical vendor documentation at least annually
- The number one way the pandemic impacted vendor management processes was third-party risk professionals ensuring their vendors had adequate pandemic plans in place
- Seventy-seven percent confirmed that the majority of their vendors were prepared and implemented pandemic plans without issues
- Forty-six percent say that they experienced third-party cyber incidents during 2020, with forty percent being limited impact incidents
Read More: Aptivio Releases The First Augmented Intelligence App For B2B Sales Professionals
“The survey results confirm that the maturity of third-party risk management practices has continued to evolve and, notably, improve,” said James Hyde, CEO of Venminder. “The COVID-19 pandemic certainly drove heightened awareness in the need for well-managed practices and the importance in ensuring that your data is protected, whether it’s in your hands or a vendor’s and wherever it is – whether in a remote or office environment. This year’s survey results will provide many with important insight into the current state of third-party risk management as well as the ability to compare and benchmark their organizations’ processes against their peers.”