{"id":19823,"date":"2024-05-28T14:00:42","date_gmt":"2024-05-28T17:00:42","guid":{"rendered":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/?p=19823"},"modified":"2024-05-28T12:35:23","modified_gmt":"2024-05-28T15:35:23","slug":"auditing-third-party-risk-management","status":"publish","type":"post","link":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/livros\/auditing-third-party-risk-management\/","title":{"rendered":"Auditing Third-party Risk Management"},"content":{"rendered":"

\"AuditingThe Institute of Internal Auditors<\/strong><\/span><\/p>\n

Overview:<\/strong><\/span> Organizations leverage and rely on third-party providers, as well as subservice or \u201cfourth-party\u201d providers, to conduct business activities. 1 These relationships continue to expand and evolve, introducing numerous risks that must be continuously assessed and appropriately managed by the organization to achieve desired business outcomes. In regulated industries, courts of law, and the court of public opinion, an organization cannot escape blame, including potentially severe repercussions in terms of reputation or financial penalties, if a third-party provider fails to perform as contracted or suffers its own unfortunate event or unethical practices.
\nBecause organizations and their customers can suffer adverse consequences as a result of the actions (or inaction) of their third-party providers, regulators and standard-setting organizations for some industries (e.g., financial services) have established rules, regulations, and guidance concerning the management of third-party providers. These rules can mandate sophisticated third-party risk management models, but the principles used to construct these regulatory requirements are adaptable by other industries that may not have defined benchmarks or parameters to guide them in developing and executing third-party risk management.
\nThis guide introduces internal auditors to the concept of a third-party risk management framework as an element of a larger enterprise risk management framework. It also considers that organizations come in all shapes and sizes, with differing availability of resources, tools, and techniques. To that end, this guide prompts internal auditors to learn the objectives of the organization\u2019s third-party provider selection and management process. It also provides practical considerations for developing an audit of the organization\u2019s third-party risk management methods.
\nLearning the elements of an organization\u2019s third-party risk management processes may enable the internal audit function to identify areas where the organization may obtain additional value from their third-party relationships while helping the organization protect itself from unnecessary risk exposure.<\/p>\n

\"Download\"<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

The Institute of Internal Auditors Overview: Organizations leverage and rely on third-party providers, as well as subservice or \u201cfourth-party\u201d providers, to conduct business activities. 1 These relationships continue to expand and evolve, introducing numerous risks that must be continuously assessed and appropriately managed by the organization to achieve desired business outcomes. In regulated industries, courts of law, and the court of public opinion, an organization cannot escape blame, including potentially… <\/p>\n","protected":false},"author":3,"featured_media":19824,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,117,112,51,19],"tags":[],"class_list":["post-19823","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-livros","category-consulting-and-auditing","category-download","category-english","category-risco-e-perdas"],"views":430,"_links":{"self":[{"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/posts\/19823","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/comments?post=19823"}],"version-history":[{"count":1,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/posts\/19823\/revisions"}],"predecessor-version":[{"id":19825,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/posts\/19823\/revisions\/19825"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/media\/19824"}],"wp:attachment":[{"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/media?parent=19823"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/categories?post=19823"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bibliotecadeseguranca.com.br\/en\/wp-json\/wp\/v2\/tags?post=19823"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}