Third Party Risk Management

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Revision as of 11:20, 11 July 2022 by Moh heng (talk | contribs)
1. Third Party Risk Management focuses on identifying and reducing risks relating to the use of third parties.


Third Party Risk Management (TPRM):

Notes (1): enables organisations to monitor and assess the risk posed by third parties.

Notes (2): identifies where the risk exceeds the TPRM threshold set by the business.

Notes (3): requires the organisation to build a business engagement model with supporting analytical processes to ensure it has visibility of all third parties supporting the organisation.

Notes (4): ensures an effective governance model is in place to provide oversight of performance and risk across the entire supply chain.

Notes (5): should implement risk assessments that include sub-contractor risks.

Notes (6): A third party refers to vendors, suppliers, partners, contractors, sub-contractors, or service providers.



Related Terms: Operational Resilience, Business Impact Analysis, Inter-dependencies

BCM Institute's Professional Training and Certification

BCMBoK Competency Level
BCMBoK 0: BCM Fundamentals CL 1B: Foundation (BC)
BCMBoK 0: BCM Fundamentals CL 1C: Foundation (CM)
BCMBoK 0: BCM Fundamentals CL 1CC: Foundation (CC)
BCMBoK 0: BCM Fundamentals CL 1D: Foundation (DR)
BCMBoK 0: OR Fundamentals CL 1OR: Foundation (OR)

(Source: Business Continuity Management Institute - BCM Institute)
