Building Successful Relationships with Key Stakeholders as a Third-Party Risk Manager or Executive

Building Successful Relationships with Key Stakeholders as a Third-Party Risk Manager or Executive

Building Successful Relationships with Key Stakeholders as a Third-Party Risk Manager or Executive
 Building Successful Relationships with Key Stakeholders as a Third-Party Risk Manager or Executive 

 
For more information regarding third-party risk management (TPRM), please refer to Beginner’s Guide to Vendor, Supplier and Third-Party Risk Management under Training Guides,Template and Checklists.
Third-party risk management (TPRM) requires that third-party risk managers encourage cross-collaborative efforts between various stakeholders from diverse professional and personal backgrounds. When different people with different professional experiences work together towards implementing and maintaining a TPRM program, it opens the door to misunderstandings, friction and tension due to differences in perspectives, opinions and strategies. 
 
Download Also:
Having witnessed conflicts and fights during stakeholder meetings that ranged from the amusing, the frightening to the outright hilarious, I can safely state that poor interpersonal relationships among stakeholders and partners serves as one of the main reasons why many TPRM programs cannot effectively meet their goals. From the passive aggressive to the outright "let's take it outside" moments, many conflicts make reality tv shows appear tame as people fight over the right strategy necessary to build and manage a successful TRPM program. 
 
When reflecting on my own professional experiences, I can attest to "locking horns" and "getting it in with the best of them" over various aspects regarding TPRM. Over time, however, I recognized that any TPRM manager or executive that wants to build an industry standard program must learn how to effectively work with stakeholders and partners in order to meet his or her objectives. To create a productive environment that promotes effective collaboration among stakeholders and partners, listed below are five tips that a third-party risk manager or executive can utilize to build and maintain strong relationships with key stakeholders and partners. 

Tip #1: Show professional respect to stakeholders and partners  

Respect means a feeling of deep admiration for an individual based on their abilities, qualities, or achievements. To command the respect of others, a leader must demonstrate respect to stakeholders and partners by finding inherent value in their efforts to create a successful TPRM program. By valuing the contributions of others, a TPRM manager or executive can gain trust and support from key stakeholders and partners.

Tip #2: Create a collaborative environment that encourages stakeholders and partners to provide constructive criticism and feedback. 

TPRM managers and executives should encourage collaboration by allowing stakeholders and partners to share their ideas on how to successfully build, maintain and improve a TPRM program. For many organizations, TPRM represents a new function that requires organizations to follow stringent regulations (i.e., OCC 2013-29). As a result, many stakeholders and partners view TPRM as a hinderance to business as it requires business departments to undergo an extensive process to onboard and utilize third-parties. 
 
To ensure that stakeholders and partners understand and appreciate the value of TPRM, TPRM managers and executives should meet with stakeholders and partners on a monthly or quarterly basis to receive constructive criticism and feedback. The meetings not only provide the stakeholders and partners with a forum to voice their concerns, it also provides TPRM managers and executives an opportunity to share their vision for the TPRM program. Ultimately, meeting with stakeholders and partners on a regular basis allows TPRM managers and executives to build strong strategic alliances in order to successfully protect the organization from third-party risks.

Tip #3: Participate in the process in order to manage the TPRM team effectively. Don’t be afraid to get your hands dirty.  

In order to effectively manage a TPRM program, it is essential that TPRM managers and executives understand the TPRM process by participating in the day-to-day activities associated with the process. When I managed a team of six third-party risk analysts, I participated in the TPRM process by completing various third-party risk assessments even though I functioned as a manager. 
 
Completing the third-party risk assessments along with the analysts not only provided me with great insight into the TPRM process, it also allowed me to understand the process from their perspective as analysts. As a result, it enabled me to delegate tasks and responsibilities appropriately based on individual strengths. Participating in the process also allowed me to build strong relationships and a sense of comraderie with the team. As a result, I gained respect from my team and they trusted my judgment to lead the program in the right direction.

Tip #4: Communicate effectively by establishing a communication program for the entire TPRM team.  

Building and maintaining a TPRM program requires that TPRM managers and executives communicate effectively with all stakeholders and partners. To ensure effective communication among stakeholders and partners, TPRM should implement and maintain a communication program that shows that there exists an organized and consistent process to successfully manage and control third-party risks. 
An organized and consistent communication program ensures that stakeholders and partners understand their responsibility in protecting the organization from third-party risk. When building and implementing a communication program, it is essential that TPRM build a communication program that fulfills the following objectives below.

  • Reflects the importance of TPRM in protecting the organization from third-party risks     
  • Explains the relevance and purpose of each phase within the TPRM process     
  • Ensures that all TPRM activities align with the TPRM processes, policies and procedures of the organization    
  • Explains how TPRM fits within the Operational Risk Management (ORM) Framework of the organization     
  • Reinforces the risk culture and appetite of the organization
To implement an effective communication program, TPRM should develop and utilize email and automated workflow templates for each phase of the TPRM process to ensure consistency and transparency when communicating with key stakeholders and partners. Utilizing emails and automated workflow templates allow TPRM to manage the TPRM process with all stakeholders and partners while creating an effective audit trail. 

Tip #5: Create a training program for stakeholders and partners to ensure that they understand the value of TPRM within the organization.  

In order for stakeholders and partners to understand the value of the TPRM program, TPRM managers and executives should develop a TPRM training program that educates stakeholders and partners about the TPRM process. An effective training program provides TPRM managers and executives an opportunity to communicate with stakeholders and partners on how a TPRM program helps the organization manage and control risks that could potentially undermine the strategic objectives of the organization. 
 
In addition to demonstrating the importance of TPRM to stakeholders and partners, An effective TPRM training program should also emphasize the risk culture and the risk appetite of the organization. By building a training program, TPRM managers and executives can ensure that stakeholders and partners understand their role in ensuring that all outsourcing activities uphold the risk culture and risk appetite of the organization. 

Please refer to Beginner’s Guide to Vendor, Supplier and Third-Party Risk Management for a sample training material.
*Risk appetite: The amount of loss an organization can absorb or tolerate.

Conclusion  

Ultimately, relationships form the foundation of any organization as they represent groups of individuals working together towards a common goal. One can define an organization as groups of relationships interwoven together to fulfill the strategic objectives of the organization. 
 
To create and maintain an industry standard program, TPRM managers and executives should create and maintain strong relationships with stakeholders and partners in order to maximize the benefits of outsourcing while minimizing the risks. By building strong strategic alliances, TPRM managers and executives can create the necessary foundation that enables stakeholders and partners to work in synchronicity to maintain an effective TPRM program. 
 
Related Topics:

                                              Catherine Tibaaga
About:
I am a Risk Management professional who has over seven years of experience working for global firms such as Jones Lang LaSalle, E*TRADE Financial, JPMorgan Chase & Co. and Freddie Mac. I have worked in a variety of roles in third-party risk management, procurement and accounting. To provide value to organizations, I conduct and lead risk assessment activities for corporations that seek to outsource their activities to third-party suppliers. 
I also help companies build their vendor, operational, and enterprise risk management programs. Using my expertise in building risk management programs, I work with organizations to ensure that their vendor risk management programs align and comply with regulations (i.e. OCC 2013-29, GLBA and Privacy laws) and industry standards (i.e. ISO 27000 family of standards, PCI and NIST standards). 

My core expertise includes: 
Risk Management: Third-Party Risk, Operational Risk, Enterprise Risk RiskTools: Hiperos, MetricStream, Archer, Agiliance Regulations: OCC, GLBA and Privacy Laws, FRB, FDIC Industry Standards: ISO 31000, ISO 27001, ISO 27002, PCI Compliance, NIST Standards (800-14, 800-37, 800-52), COSO Framework
Previous Post Next Post

Comments