Impacts from third party risks are in the headlines daily. We witness stories of faulty products from a supplier, cloud service outages and a barrage of third party provider data breaches. As organizations use more and more third party products and services to conduct business, the number of risks and performance impacts that these relationships pose to your organization will also increase. The number, complexity and velocity of these risks make it difficult for you to track and respond effectively.
Archer Third Party Governance
With Archer Third Party Governance, you can capture prospective relationships, engage affected stakeholders, and assess contract risk, financial wherewithal, and inherent and residual risks across multiple risk categories. This enforces risk-based selection and establishes performance metrics. Archer Third Party Governance automates and streamlines oversight of your vendor relationships by facilitating key activities necessary to fulfill regulatory obligations and best practices across the entire third party management lifecycle.
Archer Third Party Governance provides several use cases to meet your specific business needs as you mature your third party risk and performance management program.
See the Solution Brief for this Solution on Archer Community: https://community.rsa.com/docs/DOC-40093
|
Use Case |
Description |
Prerequisites |
|---|---|---|
|
Archer Third Party Catalog allows you to document all third party relationships engagements, and associated contracts, as well as the business units and named individuals in the organization that are responsible for each third party relationship. With Archer, you can report on all third party information, including profiles, engagements, third party business hierarchy, contacts, facilities, accountable third party contacts, and more within a single repository. |
None |
|
|
Archer Third Party Risk Management allows you to assess the governance and controls that third parties have in place around the engagements they are delivering to your organization. These assessments drive residual risk scores of third party engagements across several risk categories, including financial wherewithal, contract risk, compliance/litigation, fidelity, information security, reputation, resiliency, strategic, and sustainability risk. Assessment questionnaires are configurable and used to collect relevant supporting documentation for further analysis. The results of these questionnaires are factored into a determination of the third party’s overall residual risk profile, across all of the engagements they are delivering to your organization. Assessment findings can be automatically captured and managed, and exceptions and remediation plans can be established and monitored to resolution. |
Issues Management, Third Party Catalog |
|
|
Archer Third Party Engagement provides a means for your business unit managers and procurement team to request and manage new third party product and services engagements, and catalog all products and services that are being delivered by your third parties. It also allows you to associate the product and service engagement to the business process and business units it supports, giving you a holistic understanding of your dependency on the third party. You can establish accountability for engagements, perform inherent risk assessments across multiple risk categories, catalog and assess the adequacy of proof of insurance for each supplier, evaluate the financial viability of the third party, and roll up all engagement inherent risk assessments to the third party delivering the engagement. This provides you with an understanding of the overall inherent risk associated with each third party relationship. |
Issues Management, Third Party Catalog |
|
|
Archer Third Party Governance allows you to monitor each third party’s performance. Metrics can be established around each engagement within four categories: Quality, Innovation, Performance, and Relationship. Metrics are depicted for each engagement and rolled up to the third party, to understand the third party’s performance across all of the engagements they deliver. |
Third Party Catalog, Third Party Risk Management, Third Party Engagement |