Comments on KPMG survey about third party risk management

Comments on KPMG survey about third party risk management

Nov 11th, 2020

We just read KPMG’s Third Party Risk Management outlook 2020 and today we will pitch in comments on KPMG survey on third party risk management .

Comments on KPMG survey about third party risk management

Risk integration

We discuss what its conclusions mean in terms of practical risk assessment and Enterprise Risk Management (ERM). At Riskope we started integrating third parties risks in ERMs and risk assessments twenty years ago. We note that in the grand scheme of things third party may also mean neighbors. Of course, defining the limits of the system to be assessed is as important as its description.

Indeed, ERMs need to be convergent, i.e. bring in 360-view of the system hazards including suppliers, subcontractors and other third parties. This brings us to always propose a multi-dimensional view of consequences which includes reputation and crisis potential. We also stress the need to review contractual Force Majeure clauses due to the very dynamic world we live in.

So, we were delighted to read in the KPMG report that a vast majority of the interviewed stated that business’ reputation directly links to performance. This mean that ERM must integrate the reputational dimension. Additionally, it shows that our efforts go in a direction the markets are starting to recognize. Allow us to state again, reputation is a dimension of the consequences additive function, not a standalone item.

Consistency consistency consistency!

The KPMG report calls for consistency across the enterprise. This means again that the the ERM must be convergent in order to bypass the existing information silos. Indeed, once again it, is also in our experience that companies oftentimes mitigate their risks and prioritize them using siloed approaches. Those lead to money squandering. Examples of this can be cyber security or supply chain . Tools exist and we have been using them for long time (see Chapter 8).

If companies address the previous points, then the claim that “half of businesses (50%) do not have sufficient capabilities in-house to manage all the risks they face” melts away. That claim drops as it is a result, and not a cause, of a poorly structured ERM approach and implementation.

Comments on KPMG survey about third party risk management

Indeed firms can achieve both efficiency and effectiveness in their tactical and strategic planning. The key is to use risk informed decision making or, as KPMG calls it, taking a risk-based approach. And in terms of practical risk assessment we can do this by prioritizing risks from the highest intolerable risks.

Tagged with: , , , , , ,

Category: Consequences, Hazard, Probabilities, Risk analysis, Risk management, Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog latests posts

  • first steps ORE2 tailings workflow
  • 15-09-2021
  • First steps ORE2 tailings workflow: 2 – ARCHIVAL DOCUMENT SEARCH METHODOLOGY The archival documents delivered by the client to Riskope…
  • Read More
  • ORE2 tailings technical explanations
  • 8-09-2021
  • The first ORE2_Tailings™ deployment for a given client and selected TSF portfolio is an a priori endeavor insofar it delivers…
  • Read More
  • General ORE2 tailings workflow
  • 1-09-2021
  • ORE2_Tailings™ is a quantitative risk assessment platform. Riskope designed it specifically for tailings systems (active and inactive). When we deploy…
  • Read More
  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Hosted and powered by WR London.