(Logo: http://photos.prnewswire.com/prnh/20090902/CL69632LOGO )
CFO Research Services conducted the online survey during the fall of 2011 on behalf of Crowe Horwath LLP, one of the largest public accounting and consulting firms in the U.S. More than 250 senior finance, information technology, line-of-business and senior executives from a wide variety of industries were surveyed. The types of harm from third parties that survey respondents reported include financial loss when the third party went out of business, lost customers due to poor quality of service, data security breaches, supply chain issues due to resiliency procedures and contractual violations that resulted in regulatory or other exposures.
"These days, no corporation is an island," said Rick Warren, a principal in Crowe's Risk Consulting practice. "The degree to which businesses rely on other organizations continues to increase, spurred by the need to continuously seek out new customers, improve quality and reduce costs. However, greater dependence on third parties increases a company's exposure to external risks over which it may have little direct control. This requires companies to seek different forms of assurance from these third-party organizations to assist in managing risks."
Virtually all respondents, 97 percent, indicated that at least one aspect of their organization's third-party risk management process requires improvement. More than half of the respondents reported that the ineffectiveness of their third-party risk management programs impeded their business activities.
Other survey findings include:
- When asked to pick the top two reasons to use third parties in the next two years, more than half – 51 percent – selected reducing costs. Thirty-six percent cited providing service capabilities, experience or expertise that their company currently lacks, and 24 percent are looking to increase their business's capacity.
- Only 21 percent of senior executives reported that their companies are very effective at identifying and managing third-party risks.
- Seventy-two percent of respondents say that they routinely consider security of information and information systems when selecting or renewing a third-party relationship. However, respondents also indicate that they have less visibility into the third party's own risk-related factors, such as the party's reliance on other companies, its ability to recover from failures and the background of its personnel.
- More than half of respondents also reported having some degree of difficulty in collecting risk-related information about a third party or monitoring third parties' risk management practices.
The survey also highlights the most common areas in which senior executives believe their company could improve, including improving visibility into the full range of risk exposures, defining responsibility for third-party risk more clearly and standardizing third-party risk management processes across the company.
To sign up for a webinar discussing this topic on June 13, please visit: www.crowehorwath.com/company. For more survey results and information on third-party risk management, please visit www.crowehorwath.com/tprmreport.
About Crowe Horwath
Crowe Horwath LLP (www.crowehorwath.com) is one of the largest public accounting and consulting firms in the United States. Under its core purpose of "Building Value with Values®," Crowe assists public and private company clients in reaching their goals through audit, tax, advisory, risk and performance services. With offices coast to coast and 2,500 personnel, Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Horwath International, one of the largest networks in the world. The network consists of 150 independent accounting and management consulting firms with offices in more than 580 cities around the world.
SOURCE Crowe Horwath LLP