SIG University

Laying the Foundation for a Vendor Management Program

A Senior IT Consultant talks about shaping a risk culture and standardizing her company's vendor review process.

While enrolled in SIG University's Certified Third Party Risk Management Professional (C3PRMP) Program, Wendy Hsu was able to immediately apply what she learned and contribute her expertise toward sourcing a third-party risk management tool to develop her organization's Third Party Risk Management Program.

In the C3PRMP program, students focus on best and emerging practices to identify, assess, manage and control third-party risk throughout the lifecycle of relationships, and learn how to align risk fundamentals and frameworks with risk culture to develop the essential tools and controls for effective governance.


In more ways than one, the learning opportunity with SIG University’s Certified Third Party Risk Management Professional (C3PRMP) program was more than coincidental. Earlier in the year, I had chosen the C3PRMP program to fulfill my 2019 Individual Development Plan objective. Little did I know that by July I would be fully engaged in assisting my manager to source a suitable third-party risk management tool and develop a project plan to implement our future Third Party Risk Management (TPRM) program. While the timing of my taking the certification program couldn’t be better, the challenges ahead of my company’s TPRM program (which will soon be called Key Vendor Management Program) couldn’t be greater given we are a young company still in the process of shaping our risk culture and standardizing our vendor review process.

Wendy Hsu, Sr. IT Procurement Consultant, Venerable

Change Management: A People and Culture-Driven Approach

Change management is an important part of governance.

After a reorganization within his company, a SIG University graduate applies lessons learned in the Certified Supplier Management Professional (CSMP) program to facilitate a people- and culture-driven change management approach to bring his company into regulatory compliance.

The CSMP program exposes students to leading-edge training on contract administration, compliance, risk mitigation, performance, governance operating models, talent management support, transformation and more to help companies put effective governance programs in place.


 

The Certified Supplier Management Professional (CSMP) program from SIG University discussed the importance of GR&C and provides samples of governance models with roles and authorities, its relationships, and communication structures in relation to the procurement or sourcing strategies of an organization. I was glad to see these topics discussed as it confirmed the need for reorganization within my company, which now has clearly defined roles and responsibilities between governance and third party risk management and the sourcing department. 

David E. Romo-Garza, Director of Business Risk and Controls

SWOT Analysis: A Procurement Best Practice

SWOT Analysis graph

A Certified Sourcing Professional (CSP) student rediscovers the benefit of SWOT analysis, a tried and true procurement best practice. In the CSP program, students focus on the hard and soft skills of sourcing, including strategic sourcing and outsourcing methodologies, as well as best practices in negotiations. 


It is common for many procurement professionals to lose sight of the basics and fall into a pattern of just following along with the habits they’ve built through the years. During SIG University’s Certified Sourcing Professional (CSP) program, I was able to take a step back and evaluate some best practices that seem to have fallen off in my procurement department.

Within my organization, as with many, there is a never-ending sense of urgency when internal stakeholders come to us with sourcing or contracting needs that they would like completed yesterday. By actively embracing SWOT analysis, procurement would be able to better serve its stakeholders. This analysis would provide better oversight of issues as they arise and increase the potential of solving business issues with enhanced results.

Sammi Kiesel, Strategic Sourcing Advisor

Breathing New Life into Traditional Vendor Management

Vendor risk management is part of effective governance.

SIG University Certified Third Party Risk Management Professional (C3PRMP) Program graduate David England has noticed a decline in vendor management teams. He shares his thoughts on how the adoption of third-party risk management strategies by vendor management teams can help position them as a key asset and reverse their decline.

In the C3PRMP program, students focus on best and emerging practices to identify, assess, manage and control third-party risk throughout the lifecycle of relationships, and learn how to align risk fundamentals and frameworks with risk culture to develop the essential tools and controls for effective governance.


There is a growing awareness within the mainstream business community of the importance associated with effective third-party risk management – a capability that has been nicely incubating and maturing within heavily regulated industries, such as banking and financial services, for eons. This increased exposure and attention could be just what is needed to revitalize the flagging vendor management movement.

Many F500 organizations have well-established vendor management capabilities that spawned several decades ago with the onset of strategic process outsourcing and continue today as an effective operational strategy. Many organizations I have consulted with over the past 15 years benefit from these capabilities, which has helped them achieve the value intended from these important vendor relationships. These key capabilities include:

David England, Director, Governance Services at ISG

Aligning Risk Management Tools to Protect Customer Data

SIG University's Certified Third Party Risk Management Professional Program helps protect against company data breaches

SIG University Certified Third Party Risk Management Professional (C3PRMP) Program graduate Cindy Lingerfelt works at Blue Cross Blue Shield of Florida. She shares what she’s learned about third-party risk management and how her small team plans to build a stronger risk culture.

In the C3PRMP program, students focus on best and emerging practices to identify, assess, manage and control third-party risk throughout the lifecycle of relationships, and learn how to align risk fundamentals and frameworks with risk culture to develop the essential tools and controls for effective governance.


I work for Blue Cross Blue Shield of Florida on the Procurement team. My sub-team, Supplier Management, is small and we wear many hats. We were the first in our organization to implement some standardization for how critical suppliers were managed by developing a segmentation questionnaire to tier our suppliers and worked with business owners to get all Tier 1 suppliers on performance scorecards. Our role was to provide standard formatted scorecards with a library of the most common KPIs, stationary, QBR templates and more. 

Due to an incident with a supplier, the board made a directive that supplier risk should have a more explicit focus. A new team called Enterprise Risk Management was formed within Corporate Affairs/Internal Audit to address supplier risk and closely partner with Procurement on new suppliers and manage risk with our current supplier base.

Cindy Lingerfelt, C3PRMP, Sourcing Specialist, Florida Blue

Drive Savings with Contract Negotiation Best Practices

Best practices in contract negotiations

SIG University Certified Sourcing Professional (CSP) program student Jessica Maki works at Driven Brands. She shares what she’s learned about contract negotiation and how she is implementing newly learned best practices and techniques to score bigger wins and drive more savings for her company.

In the CSP program, students focus on the hard and soft skills of sourcing, including strategic sourcing and outsourcing methodologies, as well as best practices in negotiations.


Negotiation planning plays a big part in the procurement industry. Procurement is always looking for the best price, best supplier performance and cost savings for the organization. In SIG University’s Certified Sourcing Professional program, I learned several key factors when it comes to negotiating with suppliers including preparation, best practices, and what to do versus what not to do. Throughout my experience as a procurement specialist, I’ve learned to apply these important techniques during the negotiation process, and it has helped me become a more confident negotiator. 

Jessica Maki, Procurement Analyst, Driven Brands

School’s in Session for Sales Professionals

As a sales professional, I never thought to learn another profession’s language to get ahead of the game. I am not talking about native language, but about industry language. While we may all speak the same language in corporate America, we often don’t understand what the other is trying to say. 

When you go to the doctor’s office and receive a diagnosis, or when you try to understand what your bill says after getting a check-up, tune-up, court appearance or whatever it may be, we don’t always speak that specialized language and have to get someone to translate. It is frustrating, to say the least. 

Sales professionals work with all kinds of industries, companies, people and cultures. Whether you work with lawyers, doctors, biologists, mechanics or procurement, they all have their own unique language. I’ve worked among CTOs, CIOs CEOs, VPs and the like, and while I consider myself a very good salesperson, I wasn’t always speaking their language, which cost me closing deals.   

A little over a year ago I started working with Sourcing Industry Group (SIG), which provides thought leadership, training and networking opportunities to executives in sourcing, procurement, outsourcing, shared services and risk from Fortune 500 and Global 1000 companies. I admit, I hadn’t worked with many people in procurement, supply chain or sourcing, but I had sent many RFPs, RFQs and contracts through procurement departments that never received a response, feedback or anything, which further compounded my frustration. 

Brie Pritchard, Director of Business Development, Sourcing Industry Group

How to Become a Certified Third Party Risk Management Professional

Earn a third party risk management professional certification through SIG University

SIG University’s Certified Third Party Risk Management Professional (C3PRMP) program is a globally recognized certification that is the “gold standard” in terms of relevance, scope and content. The C3PRMP program was created by Linda Tuck Chapman, an advisor, educator, author and expert, and is based on her experience and her book, Third Party Risk Management: Driving Enterprise Value (published by the Risk Management Association). You’ll soon learn that investing in the C3PRMP designation is an investment that will enhance your knowledge base and deepen your expertise.

Outlined here is information about the upcoming changes and benefits of your C3PRMP designation, as well as a profile of our students.  


 

What changes are coming to SIG University’s C3PRMP program in January 2020? 

In January 2020, the duration of SIG University's C3PRMP program will be extended from eight weeks to 10 weeks. Multiple-choice review questions at the end of each module will test all students’ knowledge and require a minimum passing score of 80%.

Stacy Mendoza, Digital Marketing Manager

Vendor Risk Management: A Proactive Approach

Colorful blocks that spell risk

SIG University student Hanne McBlain enrolled in the Certified Third Party Risk Management Professional (C3PRMP) Program while working at Information Services Group. She shares what she learned from her own experience with a data breach and how she is taking a proactive approach to IT vendor risk management to mitigate future business disruptions.  


In times of cost-cutting, vendor management functions that include third party risk are often the first to go or be significantly reduced. Many senior executives fail to see the value these functions bring and are usually happy to cover third party risk as part of a general risk function.

Stakeholder Support is Critical

I previously worked for an organization that prided itself on not relying on third parties for any critical functions. Redundancy was abundant and built into every platform, and on the surface, there was not much to worry about when it came to third party risk.

During my time there things started to change. We convinced the organization to implement a third party risk management framework. But with no experience in this area, we were fighting an uphill battle. We managed to win support and quickly implemented standard due diligence and on-going monitoring of critical suppliers. The business stakeholders generally regarded the added due diligence and tracking as unnecessary and bureaucratic.

Hanne McBlain, Director - ANZ Managed Services

This Month at SIG – August 2019

Multiple light bulbs on a blue background.

This month, SIG announces the finalists for the Future of Sourcing Awards, you’ve got one more shot to earn a sourcing, supply chain or risk management certification in 2019, and SIG CEO and President Dawn Tiura needs your help with a tail spend question.


Future of Sourcing Awards Finalists

The finalists for the second annual Future of Sourcing Awards were announced Thursday, August 1. To see who advanced as a finalist in eight team categories and two individual categories, check out Future of Sourcing on Twitter, LinkedIn and Facebook, or visit the Future of Sourcing Awards website

Stacy Mendoza, Digital Marketing Manager

Pages