A job never done: Tips for TPRM integration
Meeting regulatory requirements should be a starting point—not an end point—when it comes to third-party risk management.
Taking risk mitigation further and understanding your third parties and their risks can create value for your organization, said Ja’Vaughn Jones, director of vendor risk management at healthcare company Kaiser Permanente, during a panel on TPRM integration at Compliance Week’s virtual Third-Party Risk Management and Oversight Summit.
When setting up a risk management program, start by getting buy-in from leadership and stakeholders, including any departments involved in the vendor process, said Chris Phillips, vice president of procurement and vendor risk for Lendmark Financial Services. The support of senior executives will help with implementing the program throughout the organization and counteract resistance, Phillips said.