1、|2Table of Contents Introduction 3The Third-Party Risk Management Life Cycle 6TPRM Trends on the Horizon 7TPRM Governance and Oversight Trends 8TPRM Technology Trends 10TPRM Risk Focus Trends 11How to Stay Ahead of the Curve 16Increase Executive-and Board-Level Involvement 17Prioritize TPRM Initiati

2、ves Based on Risk 18Enable Continuous Monitoring 18Consider Cyber Insurance Coverage 19Assess TPRM Maturity 20Conclusion 23About the Authors 24About AuditBoard 26About RSM |3IntroductionThe use of third parties for critical business functions has grown exponentially inrecent years.A trend that was s

3、tarted as companies began to embrace digital transformation spiked during the pandemic and shows no signs of abating.While leveraging third-party suppliers,vendors,partners,or software providers for core functions can offer efficiencies,cost savings,and other benefits,it also exposes companies to a

4、variety of risks(see Figure 1).Unfortunately,most companies are still struggling to mature their third-party risk management(TPRM)programs,leaving them vulnerable unaware of the risk theyve taken on,and unprepared to respond in the event of an incident.Many businesses learn this the hard way:59%of o

5、rganizations surveyed in CrowdStrikes 2022 Global Threat Report didnt have a response strategy in place when they suffered their first software supply chain attack.CrowdStrikes report also found that while 84%of respondents believed supply chain attacks could become“really significant”over the next

6、three years,only 36%had vetted all new and existing suppliers in the past year.Recent breaches such as LastPass are impacting public companies that are now required to take action on these types of supply chain breaches.A 2023 AuditBoard poll of 1,000+internal audit and risk leaders showed a similar