Sign up to save your podcasts
Or
Share Chris Matlock on Third Party Risk [Podcast]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Chris Matlock on Third Party Risk [Podcast]
By Adam Turteltaub
The Gartner Legal Risk & Compliance Practice recently released a report on the state of third party risk management. To learn more we talked with Chris Matlock, Gartner’s Vice President, Advisory – Corporate Strategy & Risk Practice.
The report was developed, he explained, because of the substantial changes in business over recent years. As the size of businesses has grown – many of the Fortune 500 are 50%-100% larger than they were a decade ago -- the number of third parties they work with has increased dramatically and with it the “threat surface”. Complicating the challenge, much of the pandemic took place during the pandemic, when normal third party vetting processes were not possible.
Today, with a threat of a recession, third parties are often under extreme pressure to meet the expectations of both their owners and their customers. The likelihood for compliance failures is higher.
Gartner’s research found that the typical risk factors remain, but they have been intensified by both new regulations and stresses on supply chains. IT and cyber risks are growing larger at the same time that companies have made substantial investments in technology to enable their team to collaborate and interact with customers electronically.
Adding to the challenge, many organizations do not have a mechanism for centrally managing their third parties, which makes it more difficult to ensure consistency in practices and respond when things go awry. Pushing the “stop” button with one vendor may trigger unexpected consequences three steps downstream.
Additional stress has been created through, as noted earlier, a heightened regulatory environment. Anticorruption enforcement continues while the number of privacy laws grows.
To manage the risks, many have turned to tools to collect more data on their supply chain, but that has posed the problem of having too much data and, as a result, difficulty in determining which pieces of data are truly important.
To help manage these risks, Chris recommends enlisting the enterprise risk management team to create key indicators that can help monitor risks in a forward-looking way.
View all episodes
By SCCE
4.8
3434 ratings
By Adam Turteltaub
The Gartner Legal Risk & Compliance Practice recently released a report on the state of third party risk management. To learn more we talked with Chris Matlock, Gartner’s Vice President, Advisory – Corporate Strategy & Risk Practice.
The report was developed, he explained, because of the substantial changes in business over recent years. As the size of businesses has grown – many of the Fortune 500 are 50%-100% larger than they were a decade ago -- the number of third parties they work with has increased dramatically and with it the “threat surface”. Complicating the challenge, much of the pandemic took place during the pandemic, when normal third party vetting processes were not possible.
Today, with a threat of a recession, third parties are often under extreme pressure to meet the expectations of both their owners and their customers. The likelihood for compliance failures is higher.
Gartner’s research found that the typical risk factors remain, but they have been intensified by both new regulations and stresses on supply chains. IT and cyber risks are growing larger at the same time that companies have made substantial investments in technology to enable their team to collaborate and interact with customers electronically.
Adding to the challenge, many organizations do not have a mechanism for centrally managing their third parties, which makes it more difficult to ensure consistency in practices and respond when things go awry. Pushing the “stop” button with one vendor may trigger unexpected consequences three steps downstream.
Additional stress has been created through, as noted earlier, a heightened regulatory environment. Anticorruption enforcement continues while the number of privacy laws grows.
To manage the risks, many have turned to tools to collect more data on their supply chain, but that has posed the problem of having too much data and, as a result, difficulty in determining which pieces of data are truly important.
To help manage these risks, Chris recommends enlisting the enterprise risk management team to create key indicators that can help monitor risks in a forward-looking way.
More shows like Compliance Perspectives
View all
The Joe Rogan Experience
229,674 Listeners
Hidden Brain
43,687 Listeners
Wait Wait... Don't Tell Me!
38,950 Listeners
Making Sense with Sam Harris
26,380 Listeners
Pivot
9,724 Listeners
FCPA Compliance Report
20 Listeners
Up First from NPR
56,944 Listeners
Stay Tuned with Preet
32,354 Listeners
Corruption Crime & Compliance
43 Listeners
GZERO World with Ian Bremmer
837 Listeners
Compliance into the Weeds
12 Listeners
Daily Compliance News
7 Listeners
The Ezra Klein Show
16,525 Listeners
On with Kara Swisher
3,538 Listeners
The Mel Robbins Podcast
20,222 Listeners