Auditing Third-party Risk Management


This publication is available for members. Please log in to download.
Would you like to become a member?

Practice Guide (Recommended Guidance

Further exploration into risks resulting from the types of services being provided and the sensitivity of data being shared is covered. Sample audit guidance is offered, making this a robust resource with tangible tools.

Topics include:

  • Outlining key roles, responsibilities, and risks in managing third-party providers.
  • Defining a third-party risk audit coverage approach.
  • Developing a structure for scoping, planning, and executing third-party risk audits.
  • Appropriately engaging and assessing third-party risk management activities across the business, oversight, and control functions.
  • Determining whether the organization has a third-party risk management structure that results in a “patchwork” approach, and, if so, how to bring it together into an enterprisewide framework.

Listen to the webinar: Auditing Third Party Risk Management: Learn the roles, responsibilities, and risks involved in third-party risk management and how you can add value in auditing those relationships.

Webinar: Third Party Risk ‒ A Smarter Approach: Learn how innovative organizations work smarter, not harder, by driving business value through their third party risk management program.