The Bain Of The Unknown

Image of third party risk management

SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate MJ Ellis shares a unique perspective on the fundamentals of effective third-party risk management through the panes of Johari's Window.

The unknown. The unexpected. Third-Party Risk stands in the gap fostering understanding and planning where uncertainty filters deficits in knowledge and preparation. Larger questions fixate on detail, reveling into the reaches of business impact analysis to answer questions of impact and longevity. When selecting a supplier to meet business needs, the quality of matching values cannot be over-emphasized regarding focusses on governance and quality significance. The question seeming to dictate success reflects whether this supplier can add to business objectives or has the power to strip that potential away. Awareness in sectors of business realizations and future planning depends on how well that question can be answered.
The subject of Johari Window truly marks the pretext for increased visibility and understanding of where to begin. Where do blind spots lie? What blocks our sight of them? How can we shine a light on them and ultimately resolve what illuded our tunnel-visioned focus? Expectations expose areas where our beliefs extend to assumptions. Do we assume our supplier values critical method areas that may, in actuality, not be effectively monitored? Aligning the business functions of a contracted service to pair with organization standards involves interpreting a proper narrative. What is the proportional truth versus the expected or proposed?
The primary window detailed in Johari Window focuses on the known. A company can devise and even study its methodologies. A program can describe why it functions in a certain way and how alternate methods would not rise to the same occasion. Knowledge known is just that, knowledge in our mind, eyes, and primary focus. However, this sense of understanding can blind us or even cripple our perspective on how other organizations and hence suppliers self-regulate and weigh the profit versus risk complexity.
The first proper step to awareness and co-dwelling from the supplier’s point of view comes into play with the second window. ‘You don’t know what you know.’ Creating a line of sight between your company and another straightens focus to plan detail leveling balance and stipulating agreements. For instance, does your organization and the supplier’s organization equally value information security monitoring? What policy standards do they seek internal protection from?
Hence, we can ascertain the value of protocols for data safety mitigation and ongoing tracking through risk monitoring. Standards of internal data value often equate to external data protection. Entrusting the wrong supplier with critical information can damage reputation and cluster salvage attempts to recover personal reputation.
Delving into due diligence and risk assessment provides assurances of service standards that can be contractually assured. With the third pane in Johari’s Window, we can direction gaps in awareness and use that ignorance to our benefit. Questions can prove incredibly useful in gaining perspective. The primary objective when contracting a service remains to receive what is expected in the way you expect it.
Being at a place where specific details aren’t clearly classified at times is a better place to begin than building a supplier relationship off unspoken expectations that can create gaps for service failures. Lack of preparation can cause catalyst circumstances where a supplier is not contractually obligated to provide the bare minimum of proposed expectations. Trainings. Demos. Options exist and should be considered carefully to concur draft states of service and future states of service through system implementation.
The last pane of Johari’s Window, ‘You don’t know what you don’t know, truly optimizes the ultimate reasoning for risk exploration before investing in critical decision-making. The more research and outlined business requirements, the greater the learning curve. Often in the supplier onboarding process, questions will inevitably result when the production of supplier product applications can truly be understood in the context of organizational needs. Once we fully understand product capability, new focal points of risk often arrive. This proves the importance of risk reassessment and constant monitoring of supplier access to our organization’s information and forward-facing representation. Many dependencies exist as a result of many unknowns.
Nonetheless, these unknowns can be facilitated and nurtured to reduce contracting principles and create strong controls that pinpoint the starting point for excellent governance. The balance between effectively creating a spectrum of power and overreaching resources ineffectively remains a thin line. Working diligently, categories and stipulations of risk seek to dial down areas where risk outweighs the intrinsic values of mutual relationships. Founding excellent standards to identify risk concentrations in a time-sensitive way can save a company physically and intrinsically.
Overall, personally understanding the philosophy of Johari’s Window will allow an inept understanding of various banking scenarios and increase the likelihood of in-depth searching within and outside of general expectations of product provision. Scaling external business requirements to focus on known and unknown areas will allow the opportunity to solve problems before critical areas of address arrive. Understanding the potential of suppliers, a third-party risk program can promote profit and innovation while removing the eerie acquaintance with the Bain of the unknown.  

SIG University's Certified Third-Party Risk Management Professional (C3PRMP) program is a globally recognized certification that is the “gold standard” in terms of relevance, scope and content. The C3PRMP program was created by Linda Tuck Chapman, an advisor, educator, author and expert.

MJ Ellis, Third-Party Risk officer, Zions Bancorporation
Majesta Ellis is an accomplished risk mitigator, creative visionary, process educator, and explanatory transformist. Focusing on consistent and steady improvements, Majesta Ellis has fashioned execution to excel in system improvements in health care, engineering, and banking industries.
Within a sublime undertaking and seven years of experience, she has emphasized the values of imagination in a redesign. Her engaging roles in team projects have forwarded process design in the planning, building, testing, and production phases of project management and business contingencies. She has amassed positions at Zions Bancorporation, Corewell Health, and First Hawaiian Bank. In addition, advancement efforts have directed scholarly contributions in Human Factors Engineering as a research assistant to Ph.D. Professor Dr. Justin Young at Kettering University.
Layered by a keen perception, her pioneering ideas have ignited positive change to escape patterned mediocrity to excel in vision and innovation to silence bottlenecks of routine. Acting as Third-Party Risk Officer at Zions Bancorporation, she pinpoints risk components at multiple factors to create an acceptable risk appetite for onboarding suppliers. Partnering with global vendors, she connects Zions Bancorporation to suppliers by driving invention and a culture centered around data integrity.
Majesta Ellis played an essential part in integrating Corewell Health’s medical record systems adjoining technical processes for eight hospitals in merge while spearheading measures of pharmaceutical patient safety.
Devoted to technical redesign, she fostered the program vision to integrate a new Inherent Risk Questionnaire to increase core transparency and dialogue for First Hawaiian Bank’s renewed brand of risk foresight.
Majesta’s stellar commitment to research creates a narrative of character and drive to revolutionize the “why” behind innovation and the “how” behind the discovery. Her dawning enthusiasm joins worlds of creativity and analytics to architect rewarding results.