RECENT SEARCHES

    RECOMMENDED

    No Results Found

    Third party risk management

    The underlying forces that help drive results

     

    Evaluate and align

     

    As third party risk leaders mature their programs, are they truly effective and sustainable while meeting all stakeholder needs?

     

    Third party services are not created equally and they generate different risks. Knowing where to focus your skills and resources will better focus your spend on the most impactful areas. An effective program mitigates risk for clients and provides valuable information to better manage risk and performance across those relationships for the business. 

     
     

    How can we help you?

     

    Our advisory teams tackle challenges alongside you, designing fresh solutions with a balance of scale, skill and service you’ll only find here.

     
    Business continuity risk

    When a third party cannot continuously maintain its services due to business disruption, the results can include the disruption of critical... Show more processes, potential impact on client services, and/or loss of revenue.

    Concentration risk

    This risk occurs when a client becomes reliant on a single third party to provide multiple critical services or provide multiple products.

    Contract compliance risk

    Poor quality in product or service delivery may occur when third party personnel, products, services, or systems are not consistent with the... Show more client’s agreed service levels, price points, applicable laws, regulations, policies, and procedures and/or ethical standards. Reputational damage also may occur.

    Data privacy risk

    This risk occurs when a third party has insufficient experience or controls to protect the client’s and its customer's information from unauthorized... Show more access, disclosure, modification or destruction. This can result in a breach or loss of confidential client or company data, reputational damage, and/or potential loss of customers.

    Financial viability risk

    When a critical third party is not financially secure to provide client services at acceptable levels, it may lead to a disruption of critical processes... Show more, potential impact to client services, and/or loss of revenue.

    Geopolitical risk

    Third party products or services may be affected by political changes or instability in a country. This may cause service or product disruption to the third... Show more party, ultimately leading to disruption of critical processes and/or loss of customers and revenue.

    Legal/regulatory

    These risks can manifest themselves when a third party does not have an adequate risk program to ensure it remains compliant with laws and regulations, or... Show more when a third party does not possess the expertise or adequate controls to meet regulatory guidelines. This can result in enforcement actions being taken (business restriction/fines) and lawsuits.

    Physical security risk

    A third party that lacks the proper security to prevent unauthorized access to its facilities, equipment or resources presents a heightened risk of a... Show more breach or loss of confidential client or company data and/or reputational damage.

    Cybersecurity risk

    When a third party does not maintain a strong cybersecurity control environment, the result may be operational, compliance and reputational impacts.

    Subcontractor (nth party) risk

    An nth party contracted by the third party to service the client poses an additional risk for meeting its contractual requirements. This can cause disruption... Show more of critical processes and a breach or loss of confidential client or company data.

    Request a meeting -->
     
     

    Our solutions and tools

     
    Icon checklist white Icon checklist red

    Program design & strategy

    Governance and organizational design; risk assessment, scoring, third party identification and segmentation; program operating models, policy, and process design.

    Icon gears white Icon computer server red

    Technology automation

    Technology selection analysis; process and tooling configuration; analytics and reporting; systems integration; risk intelligence monitoring.

    Icon computer server white Icon computer server red

    Managed services

    Inherent risk assessment execution; due diligence questionnaire execution; ongoing monitoring.

     
     

    Our featured insights

     
     

    Connect with our Advisory leaders

     
    Headshot of Maxim Kovalsky Headshot of Maxim Kovalsky Headshot of Maxim Kovalsky
    Maxim Kovalsky

    Managing Director, Cybersecurity and Privacy, Risk Advisory Services
    Grant Thornton Advisors LLC

    Maxim (Max) Kovalsky is a Managing Director in Grant Thornton's Cybersecurity & Privacy practice, based in the New York City office.

    New York - Manhattan, NY

    +1 646 354 0463
    Service Experience
    • Advisory
     
     
    Work where how you work matters. Explore careers at Grant Thornton.
    Go to careers ->
    cross promo banners cross promo banners
     

    Ready to talk? We’re ready to listen.

     

    Request a meeting and a member of our team will be in touch to see what we can do to meet your needs.

     

    Want to submit an RFP? Please submit your request through our RFP submission page.

     
     
     
     

    How we can help with cybersecurity and privacy

    Connect with us on social media