Search
Filters
Close

Closing the Gaps in Third-Party Risk Management: Defining a Larger Role for Internal Audit

More and more organizations are coming to rely on third-party relationships to achieve business objectives. This report provides insight into how internal audit can plan for managing third-party risk.

PDF

$0.00
$24.99
//when a customer clicks 'Enter' button we submit the "add to cart" button (if visible)
$24.99

The IIA Research Foundation holds security settings on our eBooks and PDFs that prevent printing and copying.

Third-party relationships are growing in importance to all types of organizations in all industries. Helping to manage and control the risks associated with a company’s relationships with third parties would seem to be a natural role for an internal audit department.

In view of this emerging risk, the Internal Audit Foundation and Crowe Horwath LLP conducted a cross-industry survey of 164 chief audit executives to assess the level of involvement of internal audit in monitoring third-party relationships. 

  • A surprisingly large percentage of survey respondents indicated that their organizations make limited use of internal audit resources in managing and controlling risks (82%).
  • At the same time, more than 65% of the internal audit executives in the survey described their organizations’ reliance on third parties as either “significant” or “extensive.”
  • Survey respondents also noted that there is a lack of consensus about ownership of third-party risk. 

When the respondents were asked who has the primary day-to-day responsibility for evaluating and overseeing third-party risk in their companies, the answers varied widely. This research report gives internal audit leaders key perspectives that will help them plan for their involvement in building and managing a third-party risk program at their organizations. 

Sponsored by Crowe Horwath LLP

Item Number: 10.5029

The IIA Research Foundation holds security settings on our eBooks and PDFs that prevent printing and copying.

Third-party relationships are growing in importance to all types of organizations in all industries. Helping to manage and control the risks associated with a company’s relationships with third parties would seem to be a natural role for an internal audit department.

In view of this emerging risk, the Internal Audit Foundation and Crowe Horwath LLP conducted a cross-industry survey of 164 chief audit executives to assess the level of involvement of internal audit in monitoring third-party relationships. 

  • A surprisingly large percentage of survey respondents indicated that their organizations make limited use of internal audit resources in managing and controlling risks (82%).
  • At the same time, more than 65% of the internal audit executives in the survey described their organizations’ reliance on third parties as either “significant” or “extensive.”
  • Survey respondents also noted that there is a lack of consensus about ownership of third-party risk. 

When the respondents were asked who has the primary day-to-day responsibility for evaluating and overseeing third-party risk in their companies, the answers varied widely. This research report gives internal audit leaders key perspectives that will help them plan for their involvement in building and managing a third-party risk program at their organizations. 

Sponsored by Crowe Horwath LLP

Item Number: 10.5029