EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.
Select your location
Local sites
ServiceNow Third-Party Risk Management (TPRM) solution
EY teams combine deep professional experience, proven ability to help deliver transformation projects and broad technical knowledge of the ServiceNow platform.
What EY can do for you
Organizations across all sectors and geographies are considering their third-party risk management priorities and looking at how technology can enable their processes to create a robust, integrated and effective Third-Party Risk Management (TPRM) capability.
The EY organization is one of ServiceNow’s few Global Elite Partners; together, we help deliver transformation projects worldwide. Our broad implementation services help you identify the capabilities necessary to improve your TPRM processes on your journey to establishing a robust TPRM target operating model.
The EY TPRM Accelerator supports end-to-end processes in the TPRM function, helping power assessment, response and dashboarding capabilities for organizations and third parties.
This accelerator can be adjusted to the needs of clients and their methodologies, and integrates ServiceNow’s Governance, Risk and Compliance and Vendor Risk Management (VRM) capabilities.
The EY Third-Party Risk Management Accelerator addresses four key third-party processes to identify, assess and help manage the risks associated with the usage of third parties:
How is our EY TPRM offering unique?
We combine deep professional experience, proven ability to help deliver transformation projects and broad technical knowledge of the ServiceNow platform through:
- Oversight and governance: Clearly defined and well-communicated vision for TPRM paired with a governance model designed to enhance transparency, accountability and efficiency.
- Policies and procedures: Easily accessible, jargon-free documents that clearly and concisely define roles and responsibilities for TPRM activities and the scope of the program.
- Third-party inventory: A centrally located list of third-party profiles, containing essential information about these parties and the services they are authorized to provide.
- Risk models: A well-documented model for risk scoring each third-party, including an algorithm for inherent risk, accounting for control posture and calculating residual risk.
- Assessment methodology: Clearly defined processes for conducting all steps of the TPRM lifecycle – from identification and RFP to termination – including execution tools and enablers.
- Automation, technology and reporting: A technology solution that helps power and automate TPRM methodology, integrated with stakeholders’ operations to track appropriate KRIs and KPIs.
The team
Our latest thinking
EY Supplier Risk Intelligence solution
The EY Supplier Risk Intelligence solution helps manage supply chain risk by uncovering supplier risks and offering mitigating actions. Learn more.
28 Feb 2023
How banks can maximize long-term value by minimizing third-party risk
Working with third parties is necessary but can be risky. EY helped a client understand these risks and transform their risk management model. Learn more.
08 Jul 2021
Andrea Romani