Study Reveals Few Companies Expanding Third-Party Risk Management Programs Despite Increasing Threats

What’s more is, 44% of companies report not actively tracking supply chain risks.

Ra2 Studio Adobe Stock Fraud
ra2 studio - Adobe Stock

Nearly 83% of companies report increased focus on third-party risk due to the Coronavirus disease (COVID-19), yet only 40% are expanding their programs, according to a study published by Prevalent Inc. What’s more is, 44% of companies report not actively tracking supply chain risks.

“The past year has brought even more attention to the risks associated with third-party vendors and partners, specifically to the supply chain,” says Brenda Ferraro, VP of third-party risk management for Prevalent. “And, the threats that these vendors and partners bring into an organization go well beyond cybersecurity and data privacy. Companies need to start thinking about the underlying risks below the surface such as environmental, social and governance (ESG), anti-bribery and corruption (ABAC) and SLA performance. A successful TPRM program must expand beyond traditional cybersecurity risks and involve several departments across the organization. Together these teams will keep customers, employees and partners safe.”

From PR Newswire:

  • 50% of companies don’t have the pre-contract due diligence necessary to effectively evaluate potential vendors.
  • Only 22% of companies involve procurement teams in third-party risk management.
  • 65% of companies are not satisfied with spreadsheets.
Latest