Solution
David answered on
Dec 27 2021
Student Name
Course Name
University Name
17
th
-September-2017
Introduction
In this paper we will be discussing about Vendor Management Risk. It is typical operational
isk which any business face. Vendors that deliver critical technology solutions or services
help run, differentiate and innovate the business, but they increase the potential for significant
performance and security risks. Sourcing and vendor management leaders play a critical role
in balancing the risks and rewards.
Organizations are exposed to several risks when they work with vendors, including cyber and
information security
eaches and operational performance failures that affect critical
usiness processes. These risks can result in damage to a company's
and and reputation,
egulatory compliance penalties, or damage to business operations. Cyber security is a top
isk that vendor risk leaders are concerned with. This and other operational risks have led
egulators globally to increase their scrutiny of companies, looking for validation of adequate
oversight and control of critical vendors and third parties.
Vendor management leaders are increasingly concerned about vendor risk, as new vendors
(including microvendors or small, unvetted vendors, and cloud service providers) are
engaged to drive innovation, digital business and new operating models into their
organizations.
2
Moreover, many of these vendors are engaged by business leaders, rather
than IT, so their risks are not adequately assessed and mitigated.
Need of a disciplined approach
A disciplined approach to vendor management must include performance and relationship
management, vendor risk assessment, due diligence, and ongoing vendor risk monitoring and
mitigation strategies. Without this, stakeholders in the organization may engage with vendors
that have inadequate — or even absent — data or process protections. Vendor management
leaders can demonstrate value by using "improved controls, policies and processes";
https:
www.gartner.com/document/3571068?ref=solrAll&refval=190853387&qid=72aa40afab0f8ada94dc66817951cdfa#dv_2_gartner_surveyed
supporting "improved innovation"; delivering "risk mitigation and management"; and
supporting "cost optimization." In this way, they realize the business benefits they expect
from their technology vendors.
When vendors are effectively managed, they can have a positive effect on enterprise revenue,
profit margins and competitive advantage. Conversely, unmanaged vendors can negatively
affect business outcomes and performance, especially if they support mission-critical
systems, tools or processes. The risk increases when vendors are responsible for, have access
to, or control highly sensitive enterprise data or intellectual property. Without proper
controls, organizations may engage in contracting models — such as cloud computing or
outsourcing — that may be inappropriate for their data protection, regulatory or system
availability requirements.
How can we find the most effective tools and processes to manage vendor risk and
performance?
Vendor risk management programs use effective operational controls that identify risks and
strategies for mitigating the business impacts of vendor risks. As the adoption of cloud-based
and other digital technologies continues to rise, vendor risk management...