Every firm needs to ensure vendors deliver on their Service Level Agreements.

Challenge

Regulators, clients and senior management need assurance that regulated firms carefully pre-screen vendors and regularly reassess their suitability as a vendor.

Maestro-Solution

The “Due diligence” undertaken needs to be on several levels to assess if the supplier is reliable to contract with, whether they are compliant with relevant legal/regulatory requirements and whether the service supplied has met contractual standards.

GRC-Maestro supports your Vendor Management requirements in a Maestro Solution with:

Contractual Risk Assessment

All vendor contracts need to be risk assessed when entered and periodically thereafter.
The risk assessment can include the risk of financial loss, either direct or indirect, as well as reputational risk. The higher the risk the more frequently the vendor's contractual compliance needs to be reviewed.

Policies & Procedures

Firms need to document their Vendor Contract Policies/Procedures which must be followed before entering contracts and be periodically revised in the light of disputes that might have arisen.

Contract Monitoring

Each vendor’s contractual compliance has to be assessed by the firm's contract "owner" at a frequency determined by the assessed materiality of the contact.
If anomalies are identified by GRC-Maestro, these are flagged for investigation, reporting and resolution by a manager.

Disputes: Identification & Reporting

On an exception basis, contractual disputes can arise. It is essential that these are formally recorded, investigated, reported and resolved.
Remedial action might include assessing why the dispute arose and how to prevent a recurrence.

GRC-Maestro

Prove Compliance – Evidence your Governance, Risk & Compliance (GRC)

Automate GRC – Run manual checks and processes automatically

Low Cost – Quick and easy to use + low pricing