Legacy assessment based third-party risk management (TPRM) practices have struggled for years to keep pace with business needs. During the COVID-19 crisis, these shortcomings became even more acute. Companies faced additional unanticipated challenges involving the rapid onboarding of new service providers, without a way to access a current view into the associated risks.

In a rapidly changing risk landscape, the data collected in periodic assessments quickly becomes stale. Today, effective risk mitigation requires continuous monitoring to provide a current, near real-time view of risk exposure. The new standard in risk management requires always-on, continuous monitoring capabilities of a full stack of risk domains, fully integrated into a company’s governance, risk and compliance (GRC) platform.

Achieve continuous compliance and resiliency

In the aftermath of COVID, improving business resilience is the top priority. The challenge lies in managing the tremendous volume of continuous risk data cost-effectively and time-efficiently to generate the actionable risk intelligence required for effective risk mitigation.

Successful risk mitigation is not simply about knowing the risks — it is about taking action. A Risk Operations Center (ROC) approach is a leading-edge risk management practice that enables businesses to achieve their resiliency and business disruption avoidance goals through appropriate and timely risk mitigation action.

The ROC is an ongoing and proactive approach to risk that is flexibly staffed up or down as the risk environment requires. Not established as a reaction to a current crisis, it is always-on, continuously monitoring, planning, and ready to manage rapidly evolving risk events or risk trends.

The ROC contains the following components:

  • Listening Post: Uses AI and automation to continuously collect real-time intelligence.
  • Workflow Management Tool: Routes relevant risk intelligence to the appropriate action and resources.
  • Risk Response: Powered by automation and a human team, assesses the intelligence for relevance and triggers internal and external actions, both automated and human.

Introducing IBM OpenPages with Watson and Supply Wisdom®

Working together with IBM OpenPages and Supply Wisdom, organizations can have a comprehensive view into their external risk environment with automated continuous risk monitoring and near real-time risk intelligence.

Using the ROC methodology, Supply Wisdom functions as the Listening Post. Using AI and automation, Supply Wisdom identifies potential risk events and collects, validates and analyzes risk data with the potential to disrupt business operations. In addition to AI and automation, Supply Wisdom leverages human curation to ensure no noise in their risk intelligence. Supply Wisdom’s continuous monitoring provides near real-time risk metrics, risk ratings, risk reports, risk event alerts and risk actions on the monitored entities.

From there, Supply Wisdom’s continuous risk intelligence feeds into the OpenPages Third Party Risk Management solution, initiating an integrated view of risk across a full stack of risk domains. The feed brings in a comprehensive view of risk across a broad set of risk domains, enabling quarterly trend analysis by composite rating and individual domain ratings. Supply Wisdom’s full-stack risk domain coverage includes Financial, Cyber, Operations, ESG (Environmental, Social & Governance), Compliance, Nth party and Location risks.

The OpenPages workflow management functionality incorporates the organization’s risk appetite, tolerances, thresholds, and scores to determine the appropriate risk mitigation actions for each risk event finding and alert forwarded by Supply Wisdom. Data science and automation help to drive the corresponding risk actions.

Risk Response is the third component in the ROC process that handles the risk mitigation efforts needed for the most critical risk events. Risk professionals can appropriately evaluate and escalate risk intelligence and findings to apply mitigation strategies, if necessary, to align risk exposure with accepted risk appetite. As automation can be used to address most risk findings, human risk resources are engaged to focus on only the most critical risk mitigation actions. Any risk findings are captured in OpenPages issue management functionality to track resolution of identified risks. Supply Wisdom automatically recognizes the mitigations and reflects that in its risk ratings.

By leveraging tools such as robotic process automation (RPA), machine learning and AI, Supply Wisdom helps with data collection and validation, sentiment analysis and impact analysis to determine the potential risk impact to the organization. Using these tools, human resources are freed from spending countless hours gathering and validating data, allowing them to save time on risk identification, while ensuring zero false positives.

A Risk Operations Center built around Supply Wisdom’s continuous risk monitoring and near real-time risk intelligence and IBM OpenPages workflow capabilities ensures minimal human intervention for risk identification and analysis, enabling an organization to focus their efforts on only the most critical risk mitigation efforts.

Learn more about IBM OpenPages Third Party Risk Management

Was this article helpful?

More from Artificial intelligence

Self-service that delights customers: How the IBM Partner Ecosystem is harnessing generative AI assistants in the banking and financial sectors

4 min read - Thanks to the transformative benefits promised by generative artificial intelligence (AI), the banking and financial sectors are at a turning point. From redefining a bank’s competitive edge in customer relationships to streamlining core banking operations and strengthening cyber-resiliency, AI technologies can unlock numerous new capabilities. Institutions are already seizing the opportunity. The 2024 Global Outlook for Banking and Financial Markets from the IBM Institute for Business Value (IBM IBV) revealed that 78% of the 600 executives surveyed tactically deploy generative…

Meta releases new Llama 3.1 models, including highly anticipated 405B parameter variant

7 min read - On Tuesday, July 23, Meta announced the launch of the Llama 3.1 collection of multilingual large language models (LLMs). Llama 3.1 comprises both pretrained and instruction-tuned text in/text out open source generative AI models in sizes of 8B, 70B and—for the first time—405B parameters. The instruction-tuned Llama 3.1-405B, which figures to be the largest and most powerful open source language model available today and competitive with the best proprietary models on the market, will be available on IBM® watsonx.ai™ today where…

IBM watsonx Challenge empowers partners to solve real-world problems with AI

2 min read - In June, IBM invited ecosystem partners in Europe, the Middle East and Africa to participate in an IBM watsonx™ Challenge, a hands-on experience designed to bring the watsonx platform capabilities to some of the most important members of the IBM ecosystem. These ecosystem partners, who sell, build or service IBM technologies, enthusiastically embraced the challenge. Participants formed teams and focused on quickly crafting a solution to one of three selected challenges.   The challenges included using prompt engineering to analyze…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters