Nothing highlights supply-chain disruption more than a direct impact to consumers. But potential for business disruption goes far beyond the supply chain: An increasingly large number of critical business functions are contracted to third-party vendors. Companies rely on the success of their third parties for everything from payroll services to network security, janitorial to internal communication.
A documented risk-management programme for third parties is business-critical. In general, risk management covers seven main areas: planning, third-party due diligence, negotiating the contract, integrating contractors with the organisation, ongoing monitoring, and technology tools and automation: