Iceberg’s Third Party Risk Management 


Iceberg recently worked with a large U.S. financial organization to centralize and automate a number of Third Party Risk Management (TPRM) processes within a GRC solution, in order to achieve greater efficiency and effectiveness.

The Challenge

Many of the organization’s vendor risk management activities were being done using tools like Excel, Sharepoint and PeopleSoft, posing a number of challenges including:

  • Overall vendor management: Getting an accurate, centralized view of all engagements for a vendor was difficult, and there was no way to aggregate risk scores between engagements. Information about vendors was disjointed in numerous spreadsheets and internal documents.
  • Risk assessments: The Excel-based questionnaire had become unwieldy because of the sheer volume of questions, answers, reviews, and comments (in some cases covering nearly 1,000 control questions) and they were having trouble scaling this approach due to the number of engagements. The organization needed a logic based questionnaire to reduce the complexity of the assessment process.

By clicking 'Download Now' you agree to our Terms of Use. We take your privacy seriously. For more information please read our Privacy Policy. By registering with the Enterprise Guide you will automatically receive our weekly Product Update and Technology Insider eNewsletters.

Copyright 2021 Enterprise Guide. All Rights Reserved. Terms of Use | Privacy Policy