The following represents the road map to help institutions elevate their TPRM capabilities:
Monitor and manage the risk posture of suppliers in a manner that is relevant to the level of risk introduced by the supplier and supplier criticality. Monitoring and management processes include contractual compliance; performance reviews; addressing critical vulnerabilities; incident management; identifying and reassessing risks; addressing changes to supplier services; and performance metrics.
Using the processes developed as part of the TPRM framework, we would assess a number of existing vendors to measure their risk levels by analyzing responses to shared questionnaires and log detected issues, and select the best risk response that supports business objectives.
Here is an overview of the main deliverables and key milestones from each phase of a BCMS (Business Continuity Management System) implementation project: