COVID-19 puts third-party risk management under the microscope
The COVID-19 pandemic has brought to light the need to plan for continuity and recovery in the face of all locations going offline, and it has exposed the widespread dependence on – and common weaknesses with – third-party relationships.
Whenever organizations commit to working with a third party, they are choosing to introduce an additional risk factor into the business. Bigger, more complex provider ecosystems can be unwieldy to manage. Organisations need a clearly defined process to manage third-party relationships throughout their entire life cycle, to track compliance obligations and to do everything possible to protect their information. The COVID-19 pandemic has exposed the fact that many companies lack visibility into their third-party supplier relationships. A thorough third-party risk management process might ensure that all stakeholders with access to the business and its operations and data are adhering to the highest standards.
In times of crisis, it’s especially critical to know who critical suppliers are, to proactively monitor them for risk and to ensure they’re complying with business continuity plans. ISG’s David England discusses how organisations can manage supply chain risk in uncertain times.