Assess and continuously monitor your supply chain against ESG criteria
Environmental, social and governance (ESG) criteria include important guidelines that you can use to assess potential suppliers, vendors or other third parties against your organization’s own policies and customer expectations.
ESG risk management addresses three primary classes of risk:
Environmental criteria consider how a company performs in sustainability – for example, its energy use, waste, pollution, and/or consumption of natural resources.
Social criteria examine how a company manages relationships with employees, suppliers, customers, and the communities where it operates – for example, in diversity, human rights and consumer protection.
Governance deals with a company’s management, executive pay, audits and internal controls, and shareholder rights.
As more governments consider ESG regulations, and customers expect sound ESG practices, now is the time to consider how your third parties stack up. The Prevalent Third-Party Risk Management Platform includes a dedicated ESG risk assessment that covers a wide range of topics. The platform also correlates assessment results with continuous external monitoring of vendor practices, making it easy to streamline and simplify your ESG reporting and compliance initiatives.
Ensure that all suppliers are meeting your corporate ESG compliance requirements for business operations
Minimize business disruptions with continuous visibility into each vendor’s ESG reputation and track record
Gain a clear picture of third-party ESG practices – before and after signing supplier contracts
Reduce complexity by centrally assessing and monitoring ESG risks with all other types of third-party risks
Simplify reporting and audit requirements with automatic regulatory mapping
Managing ESG Risks Across the Extended Enterprise
This analyst report from GRC 20/20 uncovers best practices for including ESG in your third-party risk management program.
Build comprehensive supplier profiles that compare and monitor vendor demographics, fourth-party technologies, ESG scores, information from the EPA Environmental Crimes Database, recent business and reputational insights, data breach history, and financial performance. See results in line with RFx responses for a holistic view of vendor risk.
Centralize the onboarding, distribution, discussion, retention, and review of vendor contracts, and leverage workflow to automate the contract lifecycle, ensuring enforcement of ESG requirements.
Use a simple assessment with clear scoring to track and quantify inherent risks for all onboarded suppliers.
Leverage a dedicated ESG risk assessment that examines risks from 10 common ESG domains including: Community; CSR strategy; Emissions; Human rights; Innovation; Management; Product responsibility; Resource use; Shareholders; and Workforce.
Continuously monitor ESG-related business and operational news updates complementing ESG scores available out-of-the-box in the comprehensive supplier profile.
Access qualitative insights from over 550,000 public and private sources of operational information, including M&A activity, business news, management and leadership changes, competitive news, new offerings, operational updates, and more.
View consolidated adverse media and negative news coverage sourced from 30,000 global news sources.
Tap into financial information from a global network of millions of businesses across 160+ countries. Access 5 years of financial performance data, including turnover, profit and loss, shareholder funds, credit ratings, payment history, bankruptcies, investments, and more. Screen new vendors and monitor existing vendors for informed sourcing decisions.
Screen against a global PEP database with access to over 1.8 million politically exposed person profiles, including families and associates, to instantly identify potential leadership risks.
Screen potential vendors against sanctions lists (e.g., OFAC, EU, UN, BOE, FBI, BIS, etc.), plus over 1,000 global enforcement lists and court filings (e.g., FDA, US HHS, UK FSA, SEC, etc.), to proactively identify prohibited relationships.
Enable vendors to submit proactive event assessments related to environmental disclosures, board changes, notifications and other events – and dynamically update their risk scores based on the results.
Normalize, correlate and analyze assessment results and continuous monitoring intelligence for unified risk reporting and remediation.
Simplify ESG compliance reporting by mapping assessment results and risks to common ESG frameworks such as the EU Corporate Sustainability Reporting Directive (CSRD), the German Corporate Supply Chain Due Diligence Act (LkSG), the Global Reporting Initiative (GRI), ISO 26000, the Sustainability Accounting Standards Board (SASB), the Task Force on Climate-Related Financial Disclosures (TCFD), and the United Nations Global Compact (UNGC).
Take actionable steps to reduce ESG risk with built-in remediation recommendations and guidance.
Store and distribute energy, pollution, diversity, accounting and conflict of interest policy documents and more for dialog and attestation. Leverage built-in automated document analysis based on AWS natural language processing and machine learning analytics to confirm key criteria are addressed.
Identify, alert and communicate exceptions to common behavior with built-in report templates.
We are now able to properly conduct risk assessments, both internal and external, leveraging this fantastic platform. It gives us a level of confidence previously lacking in vendor onboarding and contracting.
— VP, Technology & Security, First Protocol Inc., d/b/a FIRST
Reduce the potential for business disruption by ensuring that new vendors adhere to legal environmental and labor practices.
Add context to cybersecurity assessments and automate the scheduling, collection, analysis, management, and remediation of vendor risks in a central platform.
Ensure that supply chain partners have sound ESG policies in place to reduce the risk of fines, non-compliance and reputational damage.
How Do Ethics, Compliance, & Diversity Impact Third-Party Risk?
This panel-style webinar features third-party risk experts from BNY Mellon and Seyfarth Shaw as they discuss strategies for expanding the scope of assessment to address compliance, ethics, and diversity.