TPRM - Financial Case Study
Requirement
Assist a large and growing Midwest-based community bank with multiple branch locations in developing a comprehensive Third-Party Risk Management (TPRM) program to better manage the risk posed by its key suppliers.
Issues
With multiple branch locations throughout the Midwest, the client was relying heavily on numerous suppliers for critical information security and operational solutions. Furthermore, no formal due diligence had been performed on any of the client’s most important suppliers of technology services.
The audit committee for the bank recommended developing a comprehensive TPRM program for all of their suppliers - and immediately.
Additional issues for the client
Lack of Experience with TPRM for Suppliers: The client had no real familiarity with the concept of TPRM, as no meaningful due-diligence had ever been performed on their growing supplier base.
Lack of Internal Expertise with TPRM: While the client had numerous compliance officers - all well versed in banking regulatory issues - none of them had any experience in developing, implementing, or managing a TPRM program.
Unclear Roadmap: The audit committee, senior leadership, compliance, and the IT department all had vastly different strategies and viewpoints on how to undertake a TPRM project. Because of this, there was no real consensus on how to even begin the project.
Solution
Centris deployed a team of TPRM experts that successfully accomplished the following:
- Defined project scope and client participation.
- Developed an aggressive, yet achievable roadmap with defined milestones and deliverables for the entire TPRM project.
- Established contact and working relationships with all external suppliers to begin the all-important task of including them in the overall TPRM project.
- Reviewed all external suppliers in full, assessed the services each provides, and ranked them by risk, along with undertaking other essential TPRM activities.
Outcome
- Built and deployed an extensive TPRM program - complete with policies, procedures, and processes consisting of a mixture of automated and manual controls.
- Created a true culture of compliance where employees now understand and value information security, cybersecurity, and data privacy.
- Implemented a continuous monitoring program for ensuring controls are properly monitored long after the consultants are gone.