Third Party Risk Management Supervisor
Job Description
Title: Third Party Risk Management Supervisor
Division: Law, Risk, Compliance, and Communications
PS Job Code/FLSA:
Reports To: Director, Third Party and Supplier Risk (title pending)
Direct Reports: No
Effective Date: 9/27/2024
Last Review Date: 9/27/2024
Job Purpose (ideally 3-5 sentences)
The Third Party Risk Management Supervisor is responsible for overseeing the work of a team of individuals who assess, monitor, and manage third-party risks that may impact the organization. The role supports risk and compliance functions within the company’s Law, Risk, Compliance, and Communications Department and is primarily responsible for day-to-day third-party risk management activities.
% of Time (required)
Essential Functions (ideally 5-10 with greatest % first)
30% Third-Party Risk Activities
· Conduct comprehensive risk assessments of existing and potential third-party vendors, partners, and suppliers to identify and evaluate potential risks.
· Monitor and evaluate the performance of third parties to ensure compliance with company and regulatory requirements.
· Identify and escalate any critical risks or issues related to third-party relationships to the appropriate stakeholders for immediate attention and resolution.
· Stay informed about industry trends, regulatory developments, and best practices in third-party risk management to proactively identify and address potential risks and challenges.
· Collaborate with internal stakeholders, including legal, procurement, global security, compliance, and information security teams, to ensure that third-party relationships align with the organization's risk management framework.
· Complete team activities as needed to cover absences and workload or volume shifts.
· As a subject matter expert, actively engage in new process roll-outs and develop documentation and materials to ensure process changes are cascaded to team members.
· Audit work instructions and keep current based on process changes due to improvements and efficiencies.
30% Third-Party Risk Management Strategy and Operations
· Regularly review and update the third-party risk management framework to incorporate industry best practices and regulatory changes.
· Provide regular reports and updates to management on the status of third-party risk assessments, including any identified issues or potential areas of concern.
· Maintain a centralized repository of third-party information, including third-party service providers, vendors, assets, and partners, and related risk assessments, audit reports, and remediation plans.
· Lead due diligence and risk assessment of third parties to assess third-party risks.
· Manage the team's tasks and workflow to ensure timely completion/resolution, re-prioritizing specific activities as needed.
· Manage department metrics and reports including report delivery, gap analysis, and remedy implementation.
· Identify cost and time efficiencies to ensure continuous improvement.
30% Team Management Activities
· Responsible for the day-to-day employee relations of third-party risk management staff.
· In coordination with Department management, assist in the process of interviewing, selecting, and hiring new staff members.
· Approve timecards and manage time-off requests to ensure department functions are operational.
· Conduct regularly scheduled huddles/staff meetings with direct reports.
· Routinely audit staff performance and recommend improvements.
· Execute change management.
· Train/re-train team members and develop and keep training material current.
· Manage overall staff performance, establish performance goals, conduct performance reviews, and develop tools and methodologies to improve performance as needed.
· Coach and counsel as needed. Engage HR and Department management as needed for action and/or performance improvement plans.
· Engage in separation activities as applicable.
· Manage department organization charts, matrices, and activities.
10% Overall Risk Management Activities
· Assist in preparation and presentation of materials to Kelly departments or Enterprise Risk Management (ERM) leaders as needed.
· Proactively seek process improvements reflective of risk tolerance for Speed to GP, cost reduction, efficiency gain and value.