Vendor Management Organizations (VMO) and First Line of Defense (FLOD) third party risk teams struggle to achieve effective collaboration. Contributors to this challenge is VMO and FLOD risk professionals see situations from different perspectives and speak a slightly different language. These dynamic impacts the ability for VMO’s to achieve the maturity necessary to deliver value while limiting the FLOD’s risk effectiveness.
The TPRM Forum recommends VMO and FLOD leaders focus on the following areas to establish ‘Common Ground’.
- Vendor Categorization:
- Mature VMO’s establish vendor classifications to drive innovation and identify emerging technologies to support the road map
- FLOD and TPRM organizations categorize third parties to develop appropriate strategies based on risk dimensions
- Making this a collaborative partnership enables VMO’s and FLOD/TPRM teams to support one another while establishing a more comprehensive strategic view of risk
- Contract Currency:
- FLOD and TPRM teams continually monitor regulatory bulletins and guidance to identify potential impact to evidence and compliance requirements.
- VMO’s continually strive to ensure Terms & Conditions, KPI’s and service definitions are driving the desired behavior.
- Working in unison with Procurement and legal, VMO’s and FLOD/TPRM can continually focus revisions and updates to maintain contract currency
- Partner Monitoring:
- VMO’s focus on continuing improvement (CI) and achieving greater savings and performance.
- FLOD/TPRM teams focus on monitoring compliance and adherence to stated requirements
- Working together, understanding one another’s monitoring focus and activities while sharing details of assessment activities provides additional data points.
The TPRM Forum’s PULSE Assessment provides an excellent foundation to forge a strong alignment of VMO and FLOD teams to support business expectations and manage risk exposure.