Whether you’re new to working with third-party vendors or a seasoned professional, you know the risks. The more vendors you work with, the greater your chances of cyber-related incidents and failure to meet your requisition contingencies.
Unfortunately, even though 40 percent of business leaders have fully mature vendor risk management (VRM) programs, just under a third have only ad hoc or no significant third-party risk management processes, according to a recent Protiviti report. In the IT staffing industry, no set third-party risk management process leaves client information at risk and opens the door for staffing pros to deal with seemingly insurmountable challenges.
While this makes the outlook for third-party vendor use look grim, having these vendors in your pipeline significantly increases the opportunity to find and place highly qualified talent. The key is having the right risk management practices in place to decrease both fear and frustration while empowering your entire team to increase the accuracy of placements. Additionally, strategic risk management gives your firm the opportunity of increased beneficial collaboration with vendors.
Before that ideal collaboration can begin, take a look at three ways you can manage risks to increase the effectiveness of working with third-party vendors:
1. Understand your data
The world of data is powerful — and we all have that power at our fingertips. Many organizations are coming around to fully implementing data in their people strategies. For example, in a 2017 survey, Deloitte found that 69 percent of participating companies are integrating data to build a People Analytics database. That number was only about 10 to 15 percent in earlier years.
These increased numbers are likely due to proof that data has a direct correlation to business success. In fact, a recent Deloitte report found that high-maturity organizations, or those using people analytics appropriately, report 82 percent higher three-year average profit than those who have not yet adopted data analytic strategies or who are not using them correctly.
IT staffing firms are an extension of internal hiring pros’ people operations teams. Without the appropriate use of data, it’ll be unnecessarily challenging to increase placement and new requisition numbers.
It’s time to go beyond reading reports and putting them in a file to assess later. Use your data to find out key third-party vendor risk information:
- Do you have non-compliant vendors?
- Which vendors send you reliable candidates?
- Do some vendors continue upping their costs?
- How quickly do vendors respond?
All of this information gets you a step closer to managing risks and understanding which vendor relationships are most beneficial.
2. Track vendor pricing and make it transparent
Staffing budgets are already tight. On top of that, resource constraints, in general, were noted as one of the largest VRM challenges for organizations in Protiviti’s report.
One way to tackle both issues is by tracking vendor pricing. Some vendors will skyrocket their prices if they don’t think you’re paying attention. Even if you are, their ability to provide quality candidates may override their initial cost. This could result in a loss of support from executives as they see your budget quickly depleting from third-party vendor usage.
Tracking vendor pricing allows you to see where you’re getting the best price for valuable talent. Take your process a step further by allowing your vendors to see what each is charging you. While they’re in competition with each other, you’ll receive their best possible prices.
3. Collaborate with your team
According to a Venminder report, 58 percent of those working with third-party vendors manage more than 100 vendors. If your company doesn’t have full-time employees designated to third-party vendor management, it’s impossible for you to keep track of everything yourself.
Gather your IT staffing team. Make vendor risk management a team effort. Find out what your colleagues are dealing with and which vendors they’ve found trustworthy. Keep this information in one secure space to continue referencing and updating as untrustworthy vendors are pushed out and new ones are allowed in.
How do you manage third-party vendor risk? Share below!