Skip to main content

Key Take-Aways from Third-Party Risk Roundtable

I recently had the pleasure of chairing a third-party risk management (TPRM) roundtable of senior procurement professionals, an event sponsored by Scanmarket with representation from a diverse set of sectors. As ever the approach, sponsorship and engagement around the topic of TPRM varied widely by organization and not necessarily by sector, save for those in the Financial sector who already have the Prudential Regulation Authority SS2/21 to observe, which came into effect on 31st March 2022.

 Key Challenges

Some of the key challenges we heard could be grouped into the following areas:

  • Effective and proactive sponsorship and in turn governance
  • Clarity of the organizational “risk threshold”
  • Support and effective engagement with the SME’s within a supply chain
  • The ongoing issue of making “speedy decisions that are sub optimal” when there isn’t a structured and enterprise/supply chain wide approach.
  • The challenges of creating a materiality map and the fact that this needs to be dynamic not
  • Visibility of supply chain beyond tier 1 still remains and issue (and tiers 2, 3 & 4 represent the largest risk to disruption in supply chains ate around 70%)

Action Points

Going forward there was a lot of consensuses around some key themes irrespective of the size, sector, geography and relative spend of the organizations, which I have summarized as follows;

  • Agility and flexibility are key given the dynamic environment and will remain for the foreseeable future.
  • Ongoing supplier risk profiling can only be realistically and effectively achieved through harvesting and presenting actionable insights through a digital platform
  • The activity in TPRM continues to extend and specialize the skill sets needed in a modern procurement function.
  • The risks for organizations are becoming greater and investment in resource to effectively address TPRM is a must, not a nice to have.
  • The regulatory landscape is increasing and so organizational needs to align with this shift.
  • Drive visibility in supply chains beyond tier 1 with associated data and insights to counter risk and disruption to supply chains.


In summary we have an obligation as a function to make this a priority to ensure we can deliver value. Further two quotes stuck in my mind from the session:

We need to take a different approach as the old rules don’t apply.”
“We need to have the skills to translate the issues for different people and disciplines across the organization."

In short, develop and master new skills to ensure we continue to add value.

David Loseby


With over 30 years’ experience at senior executive/director level driving value and change through procurement, organisational transformation and change management, my background spans a variety of roles with significant global experience and responsibilities in both private and public sectors (pharmaceuticals, banking, FMCG, manufacturing, consulting, retail, aerospace & defence, venture capital, healthcare (NHS) & local Government. Formerly Group CPO for Rolls Royce, I was the principal architect behind the behavioural science led approach to adoption of a new digital platform.

Request Quick Call

Thank you. We will be in touch shortly.