Third Party Risk Management; The Power of Combining Risk Analysis With Risk Assessments.


By Neil Hooper

We all know the stories about the recent compliance and security failures in big finance, retail, education, healthcare, consumer products and manufacturing. What we hear is; “They had the data, they should have known, but they didn’t understand the risk.” Why is this so? Often times it is because of the failure to detect the correlation of 3rd party data across multiple dimensions and to understand the implication of disparate signals combining to multiply third party risk. I am reminded of the harmlessness of both Mentos and Diet Coke on their own, but the surprising reaction when combined – it is this detection of otherwise unrelated details that leads us to true risk.

Last week I spoke at the Global Financial Markets Intelligence seminar for Third Party Vendor Risk Management for Financial Institutions in New York City. I announced the partnership and integration between Rsam and Dun & Bradstreet to satisfy both CRO and CCO concerns in third party risk management. My observation after years in security and risk is that the CRO organization and the CCO organization are related, but often aren’t integrated when it comes to managing third party risk.

The challenge we see is being able to think in multiple dimensions simultaneously. Customers, particularly in financial services, have their 3rd parties ranked and classified by criticality, reviewed for Operational Risk, and assessed for Compliance Risk, and usually these processes are not fully integrated. But these three dimensions all contribute to risk, and today’s modern companies need to take a more informed view.

Rsam and D&B are leading in innovation with their multi-discipline integrated approach to deliver true risk management in what is being called “VRM 2.0”.

With this new integrated approach, D&B’s awarding winning due diligence analysis, combined with Rsam’s highest ranked VRM solution is delivering unrivaled new insights in to the third (and fourth) party risk management arena.

As we look forward to another year of increased scrutiny and increased risk, Rsam and D&B will continue to lead in this new blended view of complete vendor risk.