Would you consider conducting due diligence on vendor’s vendor (4th party vendor to you) as part of your vendor risk management program?

Risk Management Procurement Vendor Management

Yes, if the services are in scope38%

Yes, irrespective of scope of agreement33%

May be19%

No6%

Not sure2%

558 PARTICIPANTS

18.4k views15 Upvotes

Content you might like

What are some best practices, including those commonly used in other companies, for managing contingent workers, especially in terms of tracking and verifying time and pay rates for maintenance and construction work? This includes considerations like tracking level (project vs. task), accuracy verification, using data sources (e.g., security card swipes, GPS tracking), and the digital/self-service aspect (what's the difference on mobile or a web app vs. spreadsheet or paper-based).

Peer Insights Procurement Enterprise Resource Planning (ERP)+1 more

2.3k views2 Upvotes

I would like to know the status of data governance, the formulation of guidelines and rules, and the actual use of physical secure rooms and their level at other companies, including pharmaceuticals that handle personal information. Would anyone please share their experience?

Governance, Risk & Compliance Data Protection & Encryption Risk Management +3 more

Software Engineer in Software, 51 - 200 employees

The data governance policy should include procedures for managing data quality and integrity to prevent data errors, inconsistencies and other issues and to find and fix problems that do occur. It should also detail data ...read more

Read More Comments

1.2k views4 Upvotes2 Comments

How far along are you in implementing strategies to address future risk?

Peer Insights Risk Management

91+%0%

76-90% complete0%

51-75% complete75%

26-50% complete0%

10-25% complete0%

Just getting started25%

4 PARTICIPANTS

266 views2 Upvotes

I have recently been asked to develop a compliance program for the new CFPB 1071 rule which requires every creditor that originates 100 or more covered transactions to small businesses in the preceding years to report to the CFPB on a series of metrics. Has anyone started doing this yet? If so, how are you going about it? Are you hiring external consultants or leveraging internal resources? Are you buying new software or adding new modules to existing software to ensure compliance?

Peer Insights Governance, Risk & Compliance Risk Management +1 more

1.2k views4 Upvotes

What capabilities are you building into your future supply chain and business operations to account for future risk?

Risk Management Peer Insights

Improved data capture and analytics33%

Forecasting and predictive systems0%

Expanding vendor sourcing through multi-country or multi-vendor67%

Increasing inventory levels and safety stock0%

Leveraging 3rd party flexible relationships0%

Adding Automation to increase flexibility in operations0%

Other (comment below)0%

3 PARTICIPANTS

39 views1 Upvote