Comments on KPMG survey about third party risk management

Comments on KPMG survey about third party risk management

Nov 11th, 2020

We just read KPMG’s Third Party Risk Management outlook 2020 and today we will pitch in comments on KPMG survey on third party risk management .

Comments on KPMG survey about third party risk management

Risk integration

We discuss what its conclusions mean in terms of practical risk assessment and Enterprise Risk Management (ERM). At Riskope we started integrating third parties risks in ERMs and risk assessments twenty years ago. We note that in the grand scheme of things third party may also mean neighbors. Of course, defining the limits of the system to be assessed is as important as its description.

Indeed, ERMs need to be convergent, i.e. bring in 360-view of the system hazards including suppliers, subcontractors and other third parties. This brings us to always propose a multi-dimensional view of consequences which includes reputation and crisis potential. We also stress the need to review contractual Force Majeure clauses due to the very dynamic world we live in.

So, we were delighted to read in the KPMG report that a vast majority of the interviewed stated that business’ reputation directly links to performance. This mean that ERM must integrate the reputational dimension. Additionally, it shows that our efforts go in a direction the markets are starting to recognize. Allow us to state again, reputation is a dimension of the consequences additive function, not a standalone item.

Consistency consistency consistency!

The KPMG report calls for consistency across the enterprise. This means again that the the ERM must be convergent in order to bypass the existing information silos. Indeed, once again it, is also in our experience that companies oftentimes mitigate their risks and prioritize them using siloed approaches. Those lead to money squandering. Examples of this can be cyber security or supply chain . Tools exist and we have been using them for long time (see Chapter 8).

If companies address the previous points, then the claim that “half of businesses (50%) do not have sufficient capabilities in-house to manage all the risks they face” melts away. That claim drops as it is a result, and not a cause, of a poorly structured ERM approach and implementation.

Comments on KPMG survey about third party risk management

Indeed firms can achieve both efficiency and effectiveness in their tactical and strategic planning. The key is to use risk informed decision making or, as KPMG calls it, taking a risk-based approach. And in terms of practical risk assessment we can do this by prioritizing risks from the highest intolerable risks.

Tagged with: , , , , , ,

Category: Consequences, Hazard, Probabilities, Risk analysis, Risk management, Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog latests posts

  • Holistic Geoethical Slopes’ Portfolio Risk Assessment in Geological Society
  • 2-12-2020
  • We are proud to publish Holistic Geoethical Slopes’ Portfolio Risk Assessment in Geological Society, London, Special Publications, 508. We want…
  • Read More
  • The impact of standard of care on dams survivability
  • 25-11-2020
  • Using ORE2_Tailings we can quantify the impact of standard of care on dams survivability. In this blogpost we take three…
  • Read More
  • Tactical and strategic planning to mitigate divergent events
  • 18-11-2020
  • Tactical and strategic planning to mitigate divergent events is one of the themes of our next book. The term divergent…
  • Read More
  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Hosted and powered by WR London.