SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate Noelia Valentina Novoa Pena discusses the value of Third-Party relationship management and how it can help take your team to the next level.
- Due Diligence Questionnaire (DDQ) and Due Diligence Assessment (DDA) containing non-specific and confusing language that does not directly match either the regulatory guidance or a relevant activity to effective risk identification of a material risk.
- Identifying duplicative questionnaire questions causing supplier response confusion and prompting immediate and additional requests for clarification extending the overall timeline for effective due diligence completion.
- Recognizing duplicative questions that exist across assessments that could be better addressed by subject matter experts better qualified to assess those particular risks. Noelia Valentina Novoa Pena Essay – C3PRMP
- Improving alignment of DDQ & DDA questions to current OCC guidance for assessing and managing the relevant key third and fourth-party risks.
- Improving efficiency by clarifying existing questionnaire language. i.e., a recommendation for clarifying Third Party and business expectations for requested artifacts in support of demonstrating appropriate third party risk controls and risk-mitigating activities.
- Recommending reduction to the overall volume of questions by combining or removing duplicative and redundant questions by 27%.
- Recommendation to consult and align similar questions with other risk dimensions.
- Recommendation to consult the Compliance team to ensure compliance with the processing and regulatory requirements.
- Recommendations and paths for consideration to updating our system of record to reflect changes made to DDQs and DDAs questions and related communications with a minimal impact on technology costs.
SIG University's Certified Third-Party Risk Management Professional (C3PRMP) program is a globally recognized certification that is the “gold standard” in terms of relevance, scope and content. The C3PRMP program was created by Linda Tuck Chapman, an advisor, educator, author and expert.
MBA, BSc. Actuarial Sciences, with thirteen years of professional experience in Enterprise Risk Management (ERM) and Third Party Risk Management (TPRM). I started my professional experience at PwC in the Risk & Value Management department, in which I was part of the team that implemented ERM frameworks for financial and non-financial institutions in Latin-American countries and performed audits to evaluate compliance with regulations and international risk-standards.
I continued my career in the Financial Services industry managing the Enterprise Risk Management departments in which I developed ERM frameworks from scratch and developed methodologies and financial models to assess credit risk, market risk, liquidity risk and operational risk. Currently, I am part of the Third Party Risk Management (TPRM) due diligence team that performs operational, people and subcontractor assessments in the First Line of Defense (FLOD), in addition to other TPRM activities.