.gif?width=1920&name=Sample-Graphic-Animation%20(1).gif)
Available on
Podcast Transcript
Hi - this is Lisa-Mae Hill with Venminder.
In this podcast, you'll learn how effective third-party risk management can help mitigate supply chain risks. Natural disasters and cyberattacks are just two examples of events that can disrupt your supply chain and negatively impact your organization. Monitoring your supply chain through the third-party risk management lifecycle can help mitigate these risks and support operational resilience. 
Here at Venminder, we have a team of subject matter experts who can help your organization incorporate supply chain management into a third-party risk management program.
Supply chain risk is a broad term that can cover many different business disrupting events. A vendor’s business operations can be disrupted along different stages of the production, sale, and distribution process. For example, a severe weather event could potentially shut down power at a vendor’s facility, which could delay its production schedule.
This year, we shared the results of our annual State of Third-Party Risk Management 2023 survey. We asked our respondents if they had updated their program activities or requirements because of supply chain disruptions. Forty-three percent (43%) of respondents had made some effort in addressing a disruption. Some had updated their business continuity and/or disaster recovery plans, while others increased focus on their vendor’s and organization’s resilience.
An effective third-party risk management program is part of a proven strategy to help your organization identify and manage supply chain risks. But how so? The activities in the third-party risk management lifecycle will ultimately give greater visibility into the supply chain and help your organization mitigate risks and disruptions.
Let’s review four examples of how third-party risk management helps address supply chain risk:
First, the initial risk assessment and due diligence of your vendors will help you identify any areas of concern within your supply chain. When you perform a risk assessment and review due diligence, you may discover certain risks that need to be addressed. These can include geo-political risks that stem from a vendor affected by tariffs, or modern slavery risks, which have been an issue in the supply chain.
Second, it’s important to verify that your vendors have well-tested business continuity and disaster recovery plans in place. These due diligence documents provide evidence that your vendor can effectively respond to and recover from an incident. Supply chain incidents aren’t completely preventable, but a business continuity and disaster recovery plan can help ensure that the impact is minimal.
Third, ongoing monitoring of a vendor’s risk and performance will help you stay aware of potential supply chain disruptions. Regular reviews and assessments of your highest risk vendors is part of a solid ongoing monitoring plan.
Finally, third-party risk management helps you identify fourth or nth parties, which are your vendor’s vendors. These are suppliers that don’t have a contract with your organization but work directly or indirectly with your vendors. A critical fourth or nth party vendor can pose a risk to your organization, so it’s important to identify them when assessing your own vendors. This ensures that your vendors are properly managing their own vendor inventory.
Some industries like manufacturing, retail, and restaurants are more impacted by supply chain disruptions, but all organizations should be practicing third-party risk management. It’s a regulatory requirement and best practice that will help protect your organization from third-party risk and can help maintain resiliency.
Thanks for tuning in; Catch you next time!
