Gartner Survey Shows Third-Party Risk Management “Misses” Are Hurting Organizations

Enterprise risk management (ERM) teams are struggling to effectively mitigate third-party risk in an increasingly interconnected business environment, according to Gartner, Inc.

In a Gartner survey of 100 executive risk committee members in September 2022, 84% of respondents said that third-party risk “misses” resulted in operations disruptions (see Figure 1). Gartner defines a third-party risk “miss” as a third-party risk incident resulting in at least one of the outcomes in Figure 1 once or more in the 12 months leading up to the survey.

“Most organizations have seen an increase in the number of third parties under contract in recent years,” said Chris Matlock, vice president, research in the Gartner Legal Risk & Compliance Practice. “Moreover, a majority of organizations are also using third parties for new-in-kind-services and have become more reliant on them to conduct their operations. While increased use of third parties can improve business operations in many ways, it also introduces risks that are causing notable impacts on organizations.”

Reposted from Gartner

  • Share: