In Part 2 of a three-part series, Hui Chen and Parth Chanda discuss how third-party risk management should go well beyond existing due diligence practices to be truly effective and how data analytics and digital tools are essential.

In the podcast, they discuss: 

• How effective third-party risk management is not about only due diligence but about continuous monitoring spend with your third parties
• How relying on internal audit to review third-party spend periodically as part of internal audits is not the same as monitoring your third-party spend continuously
• How real-time monitoring and alerts around third-party spend is where compliance is going
• How effective third-party risk management should be streamlined across enterprise risks areas to break down functional, risk and operational silos
• How compliance software tools should be holistic across spend approvals and spend monitoring end-to-end
• How spend data is the right place to start for risk-ranking a large vendor population
• How relying on subjective determinations of what qualifies as high risk is so error-prone

Listen below and link here to Part 1 (Monitoring & Auditing of Spend Data) and Part 3 (Enabling Ethical Action by the Business).