Most Popular Stories
Events
Sponsored Links
Free Newsletter
FierceComplianceIT is a leading source of news and information on compliance IT in financial services. Join 14,000+ CCOs, CFOs, and CIOs who get FierceComplianceIT via weekly email. Sign up today!
About | View Sample | Privacy
Latest News
Popular Topics
Globalization and supply chain risks
![]()
We've discussed globalization a bit in the context of compliance. More people are waking up to risk at many levels, including vendor risks. As more companies outsource bits and pieces of their production processes, the risks have multiplied.
"This goes well beyond just outsourcing, and would include other areas such as; suppliers, service vendors, consultants and external auditors and even your supply chain's supply chain," says Brett Curran, Vice President of GRC and Regulatory Practices at Axentis. Every time a company expands its supply chain, it gives up a little more control. Or so it seems. Consider this: The typical company that earns $1 billion has more than 1,000 third-parties working with it. So "it's often difficult for companies to identify all of the vendors they do business with, let alone track and manage their potential risks, as well," Curran says.
So is this a Sarbanes-Oxley issue? Sure. Auditors ask clients to provide details about their third-party risk monitoring practices to ensure that the company is fully aware of who their vendors are and each vendor's potential impact on the bottom line. Often financial reporting is involved.
So this may be something to address. The GRC guide Red Book from the OCEG addresses this. It suggests that companies assess and manage third-party risk as if the third party was a part of their own company--daunting indeed. You can bet more GRC vendors, including Axentis, will be adding functionality in this areas. - Jim
Comments
Post new comment
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site MapTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe© 2009 FierceMarkets, Inc. All rights reserved. |
![]() |



Follow us on Twitter
Click here to get the FierceComplianceIT email newsletter for FREE!
Be the first to comment