First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

third–party risk

Beyond due diligence: Ongoing third party risk management

There is something in a name. More people in the compliance industry, when referring to third-party due diligence, are labeling it “Third Party Risk Management.” I like it because it is more accurate.

 

, , , , , ,

Why do so many practitioners misunderstand risk?

My apologies in advance to all those who talk about third–party risk, IT risk, cyber risk, and so on. We don’t, or shouldn’t, address risk for its own sake. That’s what we are doing when we talk about these risk silos. We should address risk because of its potential effect on the achievement of enterprise objectives.

 

, , ,