JONATHAN SWANSON
Aetna
DARREN McCUBBIN
Royal Bank of Canada
JOHN HEUER
Iceberg
MARSHALL TOBUREN
Dell-RSA
KEY QUESTIONS
Why is supplier risk management so critical to success?
What’s driving the need for greater maturity?
Where do we start?
What are the key challenges?
What’s next?
TODAY’S PANELISTS
JOHN HEUER
Iceberg
MARSHALL TOBUREN
Dell-RSA
JONATHAN SWANSON
Aetna
DARREN McCUBBIN
Royal Bank of Canada
MODERATOR
GLEN GOWER, Iceberg
GOVERNANCE, RISK & COMPLIANCE (GRC)
• Governance: How an organization is structured and managed to achieve strategic goals
• Risk Management: Predicting and managing risks that affect the achievement of objectives
• Compliance: Following policies, procedures, laws, and regulations.
GRC: Maximize the efficiency and effectiveness of an organization and understand risk in a business context.
GOVERNANCE, RISK & COMPLIANCE (GRC)
Gartner: Seven primary markets of “integrated risk management… recognizing the interconnected nature of operational risk across an enterprise.”
• Operational Risk Management (ORM)
• IT Risk Management (ITRM)
• IT Vendor Risk Management (VRM)
• Business Continuity Management Planning (BCMP)
• Audit Management (AM)
• Corporate Compliance (CCO)
• Enterprise Legal Management (ELM)
RISK INTELLIGENCE
• Risk Data: Trusted, Aggregated, Transparent
• Decisions: Informed, Confident, Effective
• Business Leaders: Board, Executives, Management
“Trusted, aggregated and transparent risk data for business leaders, enabling organizations to make informed, confident and effective decisions.”
TOP OF MIND
• 42% of companies now describe themselves as highly vulnerable to vendor, supplier, or procurement fraud (Kroll Global Fraud Survey)
• 85% of companies reported suffering at least one supply chain disruption (Zurich Financial Survey)
• 90% of all FCPA cases involved third-party intermediaries (Corporate Executive Board)
• 76% of data breaches resulted from a third-party which introduced security deficiencies that were ultimately exploited (Trustwave Global Security Report)
AREAS OF SUPPLIER RISK
• Financial Wherewithal
• Concentration Risk
• Strategic Risk
• Credit/Liquidity
• Operational
• Regulatory Compliance
• Information Security
• Business Resiliency
• Errors & Fraud
• Privacy
• Non-performance / Poor Quality
• Reputation Risk
• Inadequate Supply Chain Governance
• “Nth” party risk
• Legal
COMMON ARCHER USE CASES
• Centralize supplier inventory and processes across the enterprise
• Ensure that ownership, roles, and responsibilities are clearly defined, and develop efficient, repeatable processes
• Monitor and assess new/potential vendors, and ongoing monitoring of existing suppliers
• Enable “ask once, use many” approach to gathering data
• Reporting on risk posture to management & business unit owners
COMPLEX SUPPLIER ECOSYSTEM
Financial Counterparties; Consultants; Maintenance Companies; Raw Material Suppliers; Software Providers; Couriers; Law Firms; Hardware Providers; Landlords / Lessors; Parts Suppliers; Insurers; Employment Agencies; ISPs; SaaS Providers; Credit Bureaus; Utility & Telecom Companies; Marketing Companies; Security Guards; Accountants; Medical Business Associates; Property Managers; Partners/Ventures; Integrators; Third-Party Sellers; Identity Protection Providers
“How many third party suppliers are in your organization’s inventory population?”
• Less than 10,000: 73%
• 10,000-29,999: 21%
• 30,000-49,999: 6%
Source: Shifting Toward Maturity, EY, June 2016
WHO OWNS SUPPLIER RISK?
“How is your 3rd party risk management program structured?”
• Centralized (enterprise-wide 3rd party risk management office): 45%
• Hybrid (3rd party risk management offices located within the business areas and centrally at the enterprise level): 41%
• Decentralized (embeds 3rd party risk offices within each business area): 14%
“What area has primary ownership of the 3rd party risk management function?”
• Procurement: 41%
• Operational & Enterprise Risk: 38%
• Information security: 14%
• Tech and operations: 7%
Source: Shifting Toward Maturity, EY, June 2016
WHERE DO WE START?
Stakeholder Alignment “Weigh-In = Buy-In”
Establish Clear Vision & Goals
Executive Support
CMO/FMO – how do we do it today, and how can we do it better?
Start Small, Build Momentum
ACHIEVING VALUE
Where are CPOs focused on generating value in the next 12 months?
• Consolidating spend: 43%
• Increasing level of supplier collaboration: 39%
• Increasing competition: 32%
• Restructuring existing relationships: 31%
• Reducing total lifecycle/ownership costs: 30%
• Specification improvement: 29%
• Restructuring the supply base: 25%
• Reducing transaction costs: 21%
Source: The Deloitte Global CPO Survey 2016: Procurement: At a Digital Tipping Point?
ASSESSMENT OVERLOAD?
“How many questions are within your organization’s full-length control self-assessment questionnaires that are used to assess the highest-risk third parties?”
# of questions:
• <50: 8%
• 51-100: 21%
• 101-250: 33%
• 251-500: 27%
• >500: 10%
Source: Shifting Toward Maturity, EY, June 2016
icebergnetworks.com/srm/
info@icebergnetworks.com
Twitter: @icebergnetworks

Iceberg-RSA Supplier Risk Webinar - January 18, 2017
