Third Party Risk Management

One of the characteristics of a modern-day business environment is the increased usage of, and dependence on, third parties to conduct business. Third parties enable businesses to focus on their strengths and strategic business objectives, and allow access to innovative solutions and new markets. While utilising third parties may seem attractive, it is not without risk.

Supplier Due Diligence

1. Do you know who you are linked to? 

2. How responsible is your supplier chain? 

3. Did you choose your suppliers with due care and with a proper understanding of their business? 

4. Are you monitoring contractual obligations? 

5. Do you have a contingency plan? 

How can we help you? 

Our team of TPRM professionals is highly experienced and globally informed. We know the challenges that our clients face when it comes to managing third party risks and are focused on solving those challenges through innovative and flexible solutions. We are actively involved in all aspects of a client engagement, ensuring that you receive the professional support and expertise of our executive team.

Our Solutions


Diagnostic risk assessments


Conducting third party due diligence


Supplier desirability management


Framework development and implementation




Vetting solutions

"Risk management is a more realistic term than safety. It implies that hazards are ever-present, that they must be identified, analyzed, evaluated and controlled or rationally accepted."

-Jerome Lederer

Frequently Asked Questions


Who are third parties?

A third party may be defined as any body that is not part of your business; it is any arrangement between your business and another party through a contractual agreement or some other type of agreement. Third parties include suppliers and vendors.


What does supplier due diligence entail?

Supplier due diligence entails verification of company information and beneficial owners, sanctions and PEP screening, adverse media checks using open source intelligence, desirability assessments and annual reviews.


How does the process work?

One of our team members will meet with you to understand your specific needs and policy requirements. A project manager will be assigned to the engagement to ensure that controls are scoped and embedded for an efficient and effective operational process.


What are the costs?

We have a flexible costing model on a pay-as-you-use basis. For annual verification of suppliers, a fixed fee will apply.  

News & Resources

Tips for implementing regulatory requirements

With all the hype around the POPIA, Cybercrimes Bill and the proposed inclusion of additional sectors under the ambit of Accountable Institutions, effective implementation of regulatory requirements is critical to evidence compliance and mitigate regulatory risk....

POPIA – Guidelines for implementation

The Protection of Personal Information Act (POPIA) is South Africa’s primary legislation on data privacy and management. The Act, of which pertinent sections become effective on 1 July 2020, seeks to promote the protection of personal...

Get Started Today

Contact me on or 


Nelly Nkosi

Head of Third Party Risk Management