Author: sal.petriello

Summary: There is a growing interest to call third-party risk management ‘Extended Enterprise GRC/Risk’ instead of third party. The reason for this being that the modern organization is not defined by brick-and-mortar walls and traditional employees. Today, third parties are part of the organization and that is an extended enterprise. Talking about “third parties” as such makes it feel that these relationships are more of a commodity that can be scrapped instead of being a vital part of the organization and what it delivers. Imagine the loyal customer of a small community financial institution, a regular user of its mobile…