Implementing a Third-Party Management Solution: 5 Steps for Success



Similar documents
Value of a Purpose-Built Third-Party Compliance Solution

Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance

Experience. The Future of Utility Customer Experience Management Starts Now. The Utility Customer Experience Company

Beyond Compliance: Building a Robust Ethics and Compliance Program

Your asset is your business. The more challenging the economy, the more valuable the asset becomes. Decisions are magnified. Risk is amplified.

Cisco Cloud Enablement Services for Adopting Clouds

Introduction. Table of Contents

DATASHEET CONTROL COMPLIANCE SUITE VENDOR RISK MANAGER 11.1

Product Lifecycle Management in the Medical Device Industry. An Oracle White Paper Updated January 2008

Client Onboarding Process Reengineering: Performance Management of Client Onboarding Programs

Mergers and Acquisitions: The Data Dimension

Certified Identity Management Professional (CIMP) Overview & Curriculum

The ROI of Incentive Compensation Management Making the Business Case

APPLYING LESSONS LEARNED TO FEDERAL CLOUD COMPUTING

Strategies for assessing cloud security

2016 The global ABB integrity program.

WHITE PAPER Third-Party Risk Management Lifecycle Guide

Technology and Expertise Add Operational Value to Medical Device Trials

Driving Faster Data Conversions, Increasing Efficiency and Removing New-business Risks for a Rapidly Growing Insurance Carrier OPTIS CASE STUDY

Fixed Scope Offering for. Oracle Taleo EE Saas Implementation

Data Masking: A baseline data security measure

The Top Five EHR Implementation and Integration Imperatives

WHERE S THE ROI? Leveraging Benefits Realization Activities to Optimize Your Organization s Investment in ERP Software

FCPA COMPLIANCE: THE BENEFITS OF AUTOMATING THIRD-PARTY DUE DILIGENCE

Framework for Enterprise Risk Management

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

Information Governance Workshop. David Zanotta, Ph.D. Vice President, Global Data Management & Governance - PMO

ON-BOARDING WITH BPM. Human Resources Business Process Management Solutions WHITE PAPER. ocurements solutions for financial managers

SEVEN WAYS THAT BUSINESS PROCESS MANAGEMENT CAN IMPROVE YOUR ERP IMPLEMENTATION SPECIAL REPORT SERIES ERP IN 2014 AND BEYOND

4 Key Tools for Managing Shortened Customer Lead Times & Demand Volatility

Cordys Business Operations Platform

Strategic Meetings Management Program (SMMP) Implementation and Idea Guide

Your Software Quality is Our Business. INDEPENDENT VERIFICATION AND VALIDATION (IV&V) WHITE PAPER Prepared by Adnet, Inc.

WHITE PAPER THIRD PARTY MANAGEMENT: FUNDAMENTALS

SHARED SERVICES. An Enabler for Managing Risk. Steve Tracy, Principal Consultant, ISG.

THOMSON REUTERS ACCELUS

Data Governance Implementation

KNOW YOUR THIRD PARTY

SEVEN WAYS TO AVOID ERP IMPLEMENTATION FAILURE SPECIAL REPORT SERIES ERP IN 2014 AND BEYOND

Certified Identity and Access Manager (CIAM) Overview & Curriculum

A Guide to Marketing Technologies for Distributed Teams

FY 2010 Annual Action Plan

ICD-10 Advantages Require Advanced Analytics

FRANCHISORS AND FRANCHISEES: UNDERSTANDING COMPLIANCE RISKS

ON Semiconductor identified the following critical needs for its solution:

Project Management/Controls and their impact on Auditing and Accounting Issues. October 31, 2012

Fifth annual survey. Look before you leap Navigating risks in emerging markets

Fly High With Human Capital Management Software

Enabling Data Quality

WHITE PAPER: ANALYSIS OF SUCCESSFUL SUPPLY CHAIN ORGANIZATION MODELS

Visual Enterprise Architecture

REALIZING MAXIMUM BENEFITS FROM GOVERNANCE, RISKS AND COMPLIANCE (GRC) TOOLS

Business Process Services. White Paper. Effective Vendor Management: Improving Supply Chain Efficiencies, Reducing Risk

TransCelerate's Role in Transforming Pharmaceutical Trials Presentation to PCORNet

EARLYRESOLUTION DEFAULT MANAGEMENT ACROSS MULTIPLE CHANNELS DRIVE HIGHER PERFORMANCE

Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

Epicor Financial Services Overview. Business without Barriers

Reduced Total Cost of Ownership (TCO) and Increased Scalability with a New Accounting Solution

TRACK BEYOND THE RACK MANAGING IT ASSETS ACROSS THE ENTERPRISE

FIXED SCOPE OFFERING FOR ORACLE FUSION TALEO CLOUD

Fortune 500 Medical Devices Company Addresses Unique Device Identification

How To Implement An Enterprise Resource Planning Program

Report of Audit OFFICE OF INSPECTOR GENERAL. Information Technology Infrastructure Project Management A Tammy Rapp Auditor-in-Charge

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

mysap ERP mysap ERP HUMAN CAPITAL MANAGEMENT

04 Executive Summary. 08 What is a BI Strategy. 10 BI Strategy Overview. 24 Getting Started. 28 How SAP Can Help. 33 More Information

Data Governance Implementation

Procurement General Session: Empowering Modern Procurement

IBM Software A Journey to Adaptive MDM

Symantec Client Management Suite 7.6 powered by Altiris technology

Wealth and Asset Management Services Spotlight. Redefining the Wealth Management Client Onboarding Experience

Risk Considerations for Internal Audit

Taking Control of Spend Data Management and Analytics Without Bothering IT

BUSINESS CONSULTING SERVICES Comprehensive practice management solutions for independent investment advisors

Anti-Bribery and Corruption Compliance for Third Parties: Is an off the shelf product enough?

Transforming Accounts Payable into a Profit Center

Four Clues Your Organization Suffers from Inefficient Integration, ERP Integration Part 1

Point of View: FINANCIAL SERVICES DELIVERING BUSINESS VALUE THROUGH ENTERPRISE DATA MANAGEMENT

manageservices Managed Services for Intelligent Infrastructure

Supplier Relationship Management (SRM) Redefining the value of strategic supplier collaboration

How to bridge the gap between business, IT and networks

ACCOUNTS PAYABLE AUTOMATION FOR SAP

BEST PRACTICES IN AP AUTOMATION

PROJECT MANAGEMENT FRAMEWORK

The rise of third party relationships means rise in risk and regulation. Non-compliance is risky business for financial institutions

KPMG Internal Audit: Top 10 considerations in 2015 for technology companies. kpmg.com

Implementing a Data Governance Initiative

Maximizing the ROI Of Visual Rules

Using Organizational Change Management Principles to Create a Scalable OCM Methodology

APEC General Elements of Effective Voluntary Corporate Compliance Programs

A Forrester Consulting Thought Leadership Paper Commissioned By Zebra Technologies. November 2014

14 TRUTHS: How To Prepare For, Select, Implement And Optimize Your ERP Solution

E2 COLLABORATIVE SUPPLY PLANNING

Customer Service Analytics: A New Strategy for Customer-centric Enterprises. A Verint Systems White Paper

Guide to Going Paperless in the Cloud. IDEAL.com, Parklawn Drive, Rockville, MD IDEAL -

Driving Records & Information Management Transformation: Enabling program adoption

SAP Solution Brief SAP Solutions for Sustainability. Pave the Way for IT Innovation by Reducing Cost, Risk, and Energy Use

Version: 2 Date: July 12, 2011

RSA ARCHER OPERATIONAL RISK MANAGEMENT

Fixed Scope Offering for Implementation of Sales Cloud & Sales Cloud Integration With GTS Property Extensions

Transcription:

Implementing a Third-Party Management Solution: 5 Steps for Success

Centralizing third-party management and automating the compliance process is a vital step towards achieving Anti-Bribery and Anti-Corruption compliance. Given the inherent complexity of the third-party compliance process and the number of departments that play a role in the effort, implementing a third-party technology solution requires a thoughtful and methodical approach. The five-step process detailed below helps companies ensure the successful implementation of a third-party compliance solution. Step One Identify the Right Team In order to ensure an efficient software implementation, consider designating an executive sponsor to own the selection and implementation of the solution, including responsibility for overseeing the creation of the business case to justify the company s investment in the solution. An executive sponsor s role typically includes responsibility for communicating with senior executives and the Board of Directors and managing their expectations throughout the process. In addition, identify relevant stakeholders, such as sales and operations executives, and ensure that they play a role in the development of the criteria to screen and select a third-party compliance solution provider. Stakeholders can also provide assistance in overcoming roadblocks encountered during the assessment and implementation process as well as support to ensure that the project is on track to meet the company s compliance-related expectations. Step Two Develop a Project Implementation Timeline IT s Role The level of support needed from the IT function varies based on the third-party compliance management solution that a company selects. While some solutions require changes to the existing IT infrastructure, other cloudbased solutions require limited technical support. Regardless, the IT function has a role to play, and postponing their engagement in the process can translate into significant delays in the project timetable. It is imperative that the executive sponsor creates a project timetable that reflects an appropriate sense of urgency and meets the needs of the organization. An implementation timeline typically includes the following phases: Current state assessment: To drive change, companies must understand their current environment. By doing so, they will gain a clearer understanding of how much must change and where potential roadblocks may exist. Future state design: While a third-party compliance solution can provide a number of benefits to support the onboarding, management, monitoring, and auditing of third parties, it must reside within an integrated, cross-functional compliance effort. Gap identification, analysis, and prioritization: With a detailed understanding of the current and future state of the compliance effort, companies can document, analyze, and prioritize the gaps within their existing compliance program. This often requires the support of an external third-party compliance due diligence firm. 2 Implementing a Third-Party Management Solution: 5 Steps for Success

Implementation plan: A detailed implementation plan will include the roles and responsibilities of executives and employees impacted by the change and clear expectations for the third-party compliance management provider to meet. Company-wide communications plan: To effect change, the company s employees and executives must support the transformation of the compliance process. A communications plan helps create the case for change and minimize objections across the organization. Third-party communications plan: In addition to developing an internal communications plan, companies must develop the content and tone of communications with third parties as well. This includes determining how the company plans to welcome third parties to the organization and engage them in the compliance process. Establish Key Performance Indicators (KPIs) to monitor and report post-implementation: Monitoring KPI post implementation ensures that the third-party compliance solution functions as intended and delivers the benefits detailed in the business case used to justify the investment. Such reporting empowers the compliance division and provides clear and compelling evidence to C-Suite executives and the Board of Directors regarding the program s performance. Project timelines must take into account the company s compliance-related objectives. For example, if an organization is under a government probe, the project timeline will be much shorter than it would be if the organization is starting the process without any government pressure. Step Three Determine Pre- and Post-Implementation Roles and Responsibilities Ownership of a third-party compliance solution involves differing levels of responsibility and expense. Who will fund the initial investment in the solution? Who will be fiscally responsible once the adoption of the solution takes place? There may be further discussion about whether to centralize or decentralize the company s third-party compliance program. This is also the time to determine the need for additional staff to support the solution in either a decentralized or a centralized state. Step Four - Identify the Location and Ownership of Third-Party Records Integrating Legacy Data Do you plan to upload legacy third-party compliance data? If so, determine the solution provider s role in the process. Do they have previous experience mapping data and assisting clients with the integration process? One of the benefits companies realize from implementing a third-party compliance solution is the creation of a dedicated repository to house third-party data. An essential step in the process to centralize such data involves identifying the location of relevant third-party data within the company, including who owns that data and who must approve its migration to another platform. Performing this step prior to the implementation process can help identify potential objections or obstacles without affecting the project timeline. www.securimate.com 3

Step Five Evaluating Your Company s Due Diligence Questionnaire and Risk Model Due Diligence Questionnaires Implementing a risk-based approach to third-party compliance involves gathering data, typically via due diligence questionnaires (DDQ). In turn, the risk model helps establish the level of due diligence required for each third party. If your organization does not have an existing due diligence questionnaire, the third-party compliance solution provider may have templates they can provide. Depending on the location of your company s third parties, you may need versions of the DDQ in multiple foreign languages. Risk Model Third-party risk models include many factors that allow a company to assess the compliance risk that an intermediary presents. If your organization has an existing risk model in place, now is the time to reevaluate the components and their weighting. Implementing a technology-focused solution to centralize and automate the third-party management and compliance process is a complex, yet vital, process towards achieving Anti-Bribery and Anti- Corruption compliance. Through careful planning and insightful cross-functional team discussion, companies can implement solutions that provide flexibility and are scalable with demand. Engaging the Experts to Create a Third-Party Risk Model Deploying a risk-based compliance program requires a detailed understanding of the types of intermediaries the company engages and a fully functional risk model that analyzes a number of factors, including: Where the third party conducts business. The type of third party (Ex. intermediary, consultant, supplier). How much business the third party generates for the company. The third party s participation in government tenders. The third party s interaction with government entities on your company s behalf. Contact Us Securimate s Total Solution delivers a streamlined, flexible, and scalable approach to third-party management. Clients benefit from the access to knowledgeable compliance experts who have extensive experience helping clients develop and deploy industry-leading third-party risk models. To find out how Securimate can help your organization implement a third-party management program, please contact us at info@securimate.com or +1 (512) 287.2700 for more information. 4 Implementing a Third-Party Management Solution: 5 Steps for Success

About Securimate Securimate is the leading enterprise third-party management Saas, Software as a Service solution that enables multinational companies to systematically onboard, manage, monitor, and audit their sales channel and supply chain participants. Securimate s flexible workflows deliver detailed analytics that help customers ensure regulatory compliance, maximize supply chain efficiency, and comply with data privacy laws and regulations. Securimate Inc. Headquarters 11044 Research Blvd., Suite B-250 Austin, TX 78759 USA Securimate Inc. 2638 Highway 109, Suite 200 Wildwood, MO 63040 USA +1 (512) 287.2700 info@securimate.com www.securimate.com SM-1011501

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information