Risk management in a world in crisis
2023-06-09
In times of upheaval and uncertainty, people and organisations need a vision, and a clear value orientation that the organisation and its employees can use.
They need a clear “sense of belonging” and “sense of direction” so that their actions have meaning and impact.
Having said this, it is no secret that corporations around the world today struggle to manage their risks. At the centre of that struggle are third parties.
Third parties challenge business operations like never before. They can disrupt supply chains stretched around the world; open the door to cybersecurity attacks within your organisation; or cause costly compliance failures such as anti-corruption, sanctions, or antitrust violations.
The good news: most organisations can leverage their prior experience with corporate compliance programs into stronger, more comprehensive third-party risk management programs.
Management teams can then turn that better risk management capability into a strategic advantage for years to come.
You can delegate the task but not the responsibility when it comes to data protection; learn how to manage your third-party risk with our Policy and Third Party Management of Data course.
The changing nature of risk
The challenge with third-party risk has several causes:
First, businesses today use more third parties than ever before. Even small companies rely on dozens of third parties.
Second, businesses use third parties in more ways, and often in mission-critical ways. For example, a global manufacturing business might use contracted labour at its plants (supply chain risk), overseas agents to drive its international sales (compliance risk), and cloud-based IT services to run R&D, finance, and other functions (cybersecurity risk).
Third, businesses operate at a scale and manner that leaves their operations “tightly coupled,” where a failure in one part of the enterprise can disrupt many other parts. With so little room for error, it becomes more important for all parts of the enterprise to run smoothly at all times.
And fourth, regulators around the world are paying more attention to business conduct since governments and the public are more exposed to the consequences of poor conduct. An environmental disaster might ruin the water supply; a cybersecurity failure could leave millions without access to power or bank accounts. A privacy data breach can expose millions.
The risks themselves—supply chain, cybersecurity, compliance, financial—aren’t new, but their severity and unpredictability are, for all the reasons mentioned above. In such a world, third-party due diligence is no longer enough for success. Rather, companies must use their due diligence capabilities as the foundation for more comprehensive third-party risk management.
That, in turn, allows senior management to make better decisions about achieving business objectives, without worrying that an errant third party might derail your plans.
Learn how to take a holistic and modern approach to management and business, by taking our Advanced Certificate in Governance, Risk Management and Data Compliance.
New pillars of risk management and response
To achieve strong third-party risk management, a business must be able to do four fundamental tasks:
•
Already a member?
Unlock these benefits
Get access to news, enforcement cases, events, and actionable tips and guides
Get regular email updates and offers
Job opportunities, mentorship and career guidance
Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin
DPEX Network is a Community Initiative of Straits Interactive.
Copyright © Straits Interactive Pte Ltd. All Rights Reserved.
All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.