drj logo
  • This field is for validation purposes and should be left unchanged.

Already have an account? Log in

drj logo

Welcome to DRJ

Already registered user? Please login here

Login Form

Register
Forgot password? Click here to reset

Create new account
(it's completely free). Subscribe

Skip to content
Disaster Recovery Journal
  • EN ESPAÑOL
  • SIGN IN
  • SUBSCRIBE
  • THE JOURNAL
    • Young Professional Spotlight
    • Career Spotlight
    • Article Submission
    • Digital Edition
    • DRJ Annual Resource Directories
    • Article Archives
  • EVENTS
    • DRJ Fall 2022
    • Other Industry Events
    • Schedule & Archive
  • WEBINARS
    • Upcoming Webinars
    • On Demand
  • MENTOR PROGRAM
  • DRJ ACADEMY
    • DRJ Academy
    • Beginner’s Guide to BC
  • RESOURCES
    • New to Business Continuity?
    • White Papers
    • DR Rules and Regs
    • Planning Groups
    • Business Directory
    • Business Resilience Decoded
    • DRJ Glossary of Business Continuity Terms
    • Careers
  • ABOUT
    • Advertise with DRJ
    • Board and Committees
      • Executive Council Members
      • Editorial Advisory Board
      • Career Development Committee
      • FAQs Committee
      • Web Committee
      • Glossary Committee
      • Rules and Regulations Committee
  • Podcast

Significant Percentage of Organizations are Drastically Unprepared to Address Supply Chain Disruptions

by Jon Seals | April 7, 2020 | | 0 comments

Prevalent and Shared Assessments Study Reveals Extreme Lack of Confidence and Dissatisfaction in Programs and Tools to Manage Third-Parties

BOSTON, MA — April 8, 2020 – Prevalent, Inc., the company that transforms how you manage third-party risk, and Shared Assessments, the member-driven leader in third party risk assurance, today announced a new report, Third-Party Risk Management: The 3rd Rail of Security & Compliance, which provides deep insights into current trends, challenges and initiatives impacting third-party risk practitioners. The findings clearly illustrate that many companies are not dedicating proper resources to assess third-party risks, and those that are still lack confidence in their program. As a result, there are real consequences including loss of revenue, loss of productivity, and loss of reputation – all of which can jeopardize resiliency and are amplified given today’s supply chain concerns related to COVID-19.

“Organizations are starting to ask the question about what happens to them if their supply chain partners go out of business. Sadly, most companies don’t have the risk visibility into their supply chains to answer that question,” stated Brenda Ferraro, vice president of third-party risk at Prevalent, Inc. “How can they expect to adequately manage their own risk without understanding the risks vendors and partners pose?”

 Key findings include:

  • Lack of confidence in the program inhibits results: 54% of organizations have some meaningful experience in conducting third-party risk assessments, yet only 10% are extremely confident in their programs.
  • Significant consequences: 76% of respondents said that they experienced one or more issues that impacted vendor performance – resulting in a loss of productivity (39%), monetary damages (28%) and a loss of reputation (25%).
  • Unsatisfactory number of assessments: 66% of respondents say they should be assessing more than three-fourths of their top tier vendors but aren’t doing so.
  • Costs, resources and lack of process are inhibitors to success: Lack of resources (74%), cost (39%) and insufficient processes (32%) are keeping respondents from assessing all their top tier vendors.
  • No one seems happy with their existing toolset: Satisfaction levels among existing tools hovers in the 50% range, and weighted average of satisfaction caps out at 3.8/5.0. GRC tools have an especially long way to go with a 41% satisfaction rate.

Growing and maturing an adaptable and agile third-party risk management program that is resilient in times of crisis doesn’t have to be a complex and time-consuming process. The report concludes with five recommendations to jump start vendor risk activities:

  • Develop a Programmatic Process
  • Build a Cross-Functional Team That Extends Beyond Risk and Compliance
  • Be Comprehensive without Being Complex
  • Maintain Options for Assessment Collection and Analysis for Agility
  • Complement Your Decision-Making with Risk-Based Intelligence

To read the complete report, including expanded conclusions, download it here: https://www.prevalent.net/assets/documents/resources/2020-third-party-risk-management-study-report.pdf

To assess your organization’s and your vendor’s business resilience processes, download Prevalent’s free business resilience questionnaire at https://www.prevalent.net/content-library/pandemic-business-resilience-questionnaire/.

About Prevalent

Prevalent helps enterprises manage risk in third-party business relationships. It is the industry’s only purpose-built, unified platform that integrates a powerful combination of automated assessments, continuous monitoring, and evidence sharing for collaboration between enterprises and vendors. No other product on the market combines all three components, providing the best solution for a highly functioning, effective third-party risk program. To learn more, please visit www.prevalent.net.

Recent Posts

  • Download Your Planning Templates
  • They Called Me ‘The Queen of Doom’
  • Business Continuity as a Business Strategy
  • AlertMedia Improves Emergency Management with the Launch of Event Pages: Connecting People with Critical Information in Real-Time
  • Disaster Recovery Planning in a VM Operating Environment

Recent Comments

  • carybaron@yahoo.com on Contingency Planning Cycle
  • marifergerson0102 on Contingency Planning Cycle

Archives

  • December 2020 (1)
  • October 2020 (1)
  • August 2020 (1)
  • January 2020 (1)
  • November 2019 (9)
  • October 2019 (8)
  • September 2019 (8)
  • August 2019 (17)
  • July 2019 (77)
  • June 2019 (92)
  • May 2019 (128)
  • April 2019 (109)
  • March 2019 (80)
  • February 2019 (106)
  • January 2019 (102)
  • December 2018 (96)
  • November 2018 (131)
  • October 2018 (139)
  • September 2018 (81)
  • August 2018 (124)
  • July 2018 (113)
  • June 2018 (90)
  • May 2018 (142)
  • April 2018 (151)
  • March 2018 (124)
  • February 2018 (157)
  • January 2018 (140)
  • December 2017 (118)
  • November 2017 (158)
  • October 2017 (186)
  • September 2017 (139)
  • August 2017 (212)
  • July 2017 (179)
  • June 2017 (214)
  • May 2017 (230)
  • April 2017 (223)
  • March 2017 (159)
  • February 2017 (175)
  • January 2017 (112)
  • December 2016 (8)
  • October 2016 (12)
  • June 2016 (15)
  • May 2016 (4)
  • April 2016 (10)
  • January 2016 (10)
  • December 2015 (2)
  • October 2015 (12)
  • September 2015 (2)
  • June 2015 (15)
  • April 2015 (15)
  • March 2015 (6)
  • February 2015 (7)
  • January 2015 (6)
  • December 2014 (18)
  • November 2014 (19)
  • October 2014 (24)
  • September 2014 (11)
  • August 2014 (13)
  • July 2014 (7)
  • June 2014 (36)
  • May 2014 (19)
  • April 2014 (21)
  • March 2014 (90)
  • February 2014 (5)
  • January 2014 (26)
  • December 2013 (10)
  • November 2013 (25)
  • October 2013 (37)
  • September 2013 (27)
  • August 2013 (8)
  • July 2013 (8)
  • June 2013 (31)
  • May 2013 (17)
  • April 2013 (103)
  • March 2013 (82)
  • February 2013 (120)
  • January 2013 (212)
  • December 2012 (128)
  • November 2012 (92)
  • October 2012 (159)
  • September 2012 (112)
  • August 2012 (153)
  • July 2012 (106)
  • June 2012 (91)
  • May 2012 (35)
  • April 2012 (49)
  • March 2012 (14)
  • February 2012 (19)
  • January 2012 (44)
  • December 2011 (9)
  • November 2011 (21)
  • October 2011 (45)
  • September 2011 (13)
  • August 2011 (9)
  • July 2011 (47)
  • May 2011 (46)
  • April 2011 (10)
  • March 2011 (25)
  • February 2011 (1)
  • January 2011 (17)
  • December 2010 (8)
  • October 2010 (19)
  • September 2010 (1)
  • July 2010 (23)
  • June 2010 (1)
  • May 2010 (1)
  • April 2010 (21)
  • March 2010 (1)
  • February 2010 (1)
  • January 2010 (4)
  • December 2009 (20)
  • November 2009 (4)
  • October 2009 (17)
  • September 2009 (11)
  • August 2009 (2)
  • July 2009 (2)
  • June 2009 (79)
  • April 2009 (20)
  • March 2009 (1)
  • January 2009 (22)
  • November 2008 (1)
  • October 2008 (1)
  • July 2008 (4)
  • June 2008 (22)
  • April 2008 (25)
  • February 2008 (1)
  • January 2008 (16)
  • December 2007 (17)
  • November 2007 (662)
  • October 2007 (410)
  • September 2007 (1)
  • November 1999 (1)

ARTICLES & NEWS

  • Business Continuity
  • Disaster Recovery
  • Crisis Management & Communications
  • Risk Management
  • Article Archives
  • Industry News

THE JOURNAL

  • Digital Edition
  • Young Professionals
  • Career Spotlight
  • Advertising & Media Kit
  • Submit an Article

RESOURCES

  • White Papers
  • Rules & Regulations
  • FAQs
  • Glossary of Terms
  • Industry Groups
  • Business & Resource Directory
  • Business Resilience Decoded

EVENTS

  • Fall 2022
  • Spring 2022

WEBINARS

  • Watch Now
  • Upcoming

CONTACT

  • Article Submission
  • Media Kit
  • Contact Us

ABOUT DRJ

Disaster Recovery Journal is the industry’s largest resource for business continuity, disaster recovery, crisis management, and risk management, reaching a global network of more than 138,000 professionals. Offering weekly webinars, the latest industry news, rules and regulations, podcasts, the industry’s only official mentoring program, a quarterly magazine, and two annual live conferences, DRJ is leading the way to keep professionals up-to-date and connected in an ever-changing world.

LEARN MORE

TWITTER

Disaster Recovery Journal is the leading publication/event covering business continuity/disaster recovery.

Follow us for daily updates @drjournal

Newsletter

The Journal, right in your inbox.

Be informed and stay connected by getting the latest in news, events, webinars and whitepapers on Business Continuity and Disaster Recovery.

Subscribe Now
Copyright 2022 Disater Recovery Journal
  • Terms of Use
  • Privacy Policy