Welcome to a special 5-part podcast series sponsored by Diligent. Over this series, we will consider a risk-based approach to third-party risk management. Over this series, I will visit with Michael Parker, the Director of Consulting and Advisory Services; Stephanie Font, Director, Operations Optimization Group; Kairi Isse, Group Manager of Managed Services Group, Productions; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, Regulatory Compliance Manager from the Volkov Law Group. In this Part 2, I visit with Stephanie Font on the need for evaluation of potential third-party through questionnaires and determination of the necessary due diligence investigations to comply with regulations while navigating using questionnaires to uncover the truth.
What is the importance of understanding regulations and risk factors when creating questionnaires to help with due diligence? Through understanding the risk model and what specific regulations the company needs to comply with, creating effective questionnaires to help with due diligence can become easier. Stephanie also found out that having a due diligence risk management system can automate some of the processes and help flag any potential risk factors. With the help of questionnaires and due diligence, Stephanie was able to learn how to effectively document and investigate potential third parties.
Key Highlights
- How questionnaires can be used to comply with regulations and inform a risk model.
- How due diligence investigations can help to uncover risk factors in a potential third party.
- How a third-party risk management system can automate parts of the process.
Notable Quotes
1. “Knowing what you’re trying to comply with and thinking of those questions that are going to get you there is probably the top thing.”
2. “Don’t lose your common sense and listen if your gut tells you something’s wrong.”
3. “Documentation is key to creating an internal audit trail and having something to show to regulators.”
4. “Know your own risk model and build the risk model into the system to flag any potential risk factors.”
Resources
Stephanie Font on LinkedIn
Check out Diligent’s 3rd party products and services here.