{
  "docId": "019dd923-5de0-76bd-a16b-1d72bab18495",
  "docSlug": "0b0e77be71340a95",
  "documentTitle": "Third-party governance and risk management The threats are real",
  "authorId": "Deloitte",
  "authorName": "Deloitte",
  "documentKindSlug": "consulting-deck",
  "documentKindLabel": "Consulting deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "landscape",
  "aspectRatio": 1.414,
  "pageNumber": 8,
  "pageCount": 39,
  "prevPage": 7,
  "nextPage": 9,
  "slideType": "key_takeaways",
  "function": "summarize",
  "density": "dense",
  "nDataPoints": 0,
  "notes": null,
  "elementsJson": [
    "headline_text",
    "numbered_list",
    "icon_grid"
  ],
  "metadataConfidence": 1,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5de0-76bd-a16b-1d72bab18495/8",
  "deckHref": "/decks/019dd923-5de0-76bd-a16b-1d72bab18495",
  "deckJsonHref": "/decks/019dd923-5de0-76bd-a16b-1d72bab18495.json",
  "deckAnchorHref": "/decks/019dd923-5de0-76bd-a16b-1d72bab18495#slide-8",
  "components": [
    {
      "bbox": {
        "h": 0.6,
        "w": 0.2,
        "x": 0.5,
        "y": 0.2
      },
      "kind": "list",
      "text": "6. Third-party risk is starting to feature consistently on board agendas with CEO/ board-level responsibility in the more progressive organizations or those operating in highly regulated environments.\n7. Visits to third-party locations are considered the most effective method to gain assurance over third-party management.\n8. Most organizations are mandating consistent third-party governance standards amidst increasing decentralizations of operating units.",
      "attrs": null,
      "subkind": "numbered",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "250402eb-d78d-49cc-87cc-4e864b43fb38",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.6,
        "w": 0.2,
        "x": 0.28,
        "y": 0.2
      },
      "kind": "list",
      "text": "3. Third-party risk incidents are on the increase with customer service disruption and regulatory breach being considered the top risks.\n4. Increased monitoring and assurance activity over third-parties is believed to significantly reduce third-party risk.\n5. Organizational commitment to third-party risk management is not supported by confidence in the related technology and processes.",
      "attrs": null,
      "subkind": "numbered",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "a4706046-e87e-4d2d-aa77-f304bf644765",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.6,
        "w": 0.2,
        "x": 0.06,
        "y": 0.2
      },
      "kind": "list",
      "text": "1. As dependence on third-parties becomes increasingly critical, organizations are being compelled to rapidly “catch up” in enhancing the maturity of their TPGRM processes.\n2. The drivers for third-party engagement are progressively shifting from a focus on cost to a focus on value, reflecting organizational recognition of the strategic opportunity that third-parties can create for them.",
      "attrs": null,
      "subkind": "numbered",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "b6d397f2-b9ff-4601-9fb8-87dcd4f6422e",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.6,
        "w": 0.2,
        "x": 0.72,
        "y": 0.2
      },
      "kind": "list",
      "text": "9. Existing technology platforms for managing third-parties are considered inadequate.\n10. Organizations are in the process of deciding between centralized in-house models and external service-provider based models for third-party monitoring.",
      "attrs": null,
      "subkind": "numbered",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "dcc1e9a1-07d3-400e-a403-77a17df66db9",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.08,
        "w": 0.25,
        "x": 0.05,
        "y": 0.05
      },
      "kind": "title",
      "text": "Key findings",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "1705d76c-1a97-4e4b-b3e9-370fdeb6c8f5",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [],
  "frameworks": [],
  "arcBeats": [
    {
      "to": 9,
      "from": 6,
      "beatId": "0d451413-d496-44be-bb83-202eb223bf06",
      "arcName": "The Consultant's Gambit",
      "arcSlug": "consultants-gambit",
      "beatName": "Problem & Complication",
      "beatSlug": "consultants-gambit-problem-complication",
      "evidence": "The deck highlights the execution gap and reputation risks associated with third-party engagement",
      "position": 1,
      "confidence": 0.8,
      "parentBeatName": "Complication",
      "parentBeatSlug": "complication"
    }
  ],
  "loops": [],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}