In the aftermath of the massive global impact on Windows 365 cloud PCs following the update to CrowdStrike’s Falcon Sensor software in July this year, you only have to ask corporate risk professionals what keeps them up at night and the answer is often not so much the potential vulnerabilities in their own organizations, but those in the rather more opaque world of their supply chain. Small wonder when the whole concept of supply chain risk is inherently multi-dimensional and the accountabilities often highly dispersed.
Leverage platform solutions but verify the data.
Not surprisingly, many organizations look to Third Party Risk Management (TPRM) solutions to help them wrap their arms around what would otherwise be an almost unmanageable risk landscape. Platform solutions, often drawing on and evaluating data points from across the risk spectrum – from KYC, sanctions and transaction monitoring compliance risk to real time IT system vulnerability monitoring – offer risk managers a consolidated dashboard providing a level of comfort that the supply chain upon which their organization depends isn’t quite so opaque after all. Or does it?
The key point is verification. And that verification often requires a step into the physical world to check at first hand that what the dashboard says is green, really isn’t a deep shade of red.
Choosing the right global force multiplier
Partnering with a global risk consultancy with the expertise to act as an extension of a corporate risk management program, in locations where organizations have no physical footprint, is a highly effective way of extending a risk manager’s geographic reach and operational capacity. On-site surveys of production facilities to ensure compliance with sanctions risk, and detailed ISO 27001 led audits of critical infrastructure facilities, domestically and overseas, to identify and mitigate the risk of unauthorized access to data are just two examples of the power that a 360° view of risk that this extended physical world presence brings. Couple that with the power of intelligence-led analysis and the cultural and language skills to deep dive into both publicly available information and obtain unique insight from an unapparelled global network of expert industry sources, and the veil of opacity may be lifted completely.
Reach out to Integrity Risk International today to see how our team of global experts can help develop risk management solutions to meet your specific client needs.