Glossary · Supply Chain
Third-Party Risk Management
The process of identifying, assessing, and mitigating risks arising from vendors, suppliers, contractors, and other external parties.
Full definition
TPRM addresses the reality that organizations depend on external entities whose failures, security lapses, or misconduct can damage the organization. The process includes due diligence before engagement, contractual controls, ongoing monitoring, and exit management. When a major cloud provider experienced an outage in 2021, thousands of businesses suffered disruptions, highlighting concentration risk in third-party relationships. Comprehensive TPRM programs assess financial stability, cybersecurity posture, compliance with regulations, operational resilience, and reputational factors across the vendor lifecycle.
vendor risk · supply chain · due diligence · outsourcing · compliance