SANTA FE, N.M., Oct. 02, 2018 (GLOBE NEWSWIRE) -- The Shared Assessments Program, the trusted consortium for third party risk management (TPRM), highlights where the Consumer Packaged Goods (CPG) sector lags in third party risk management in “Consumer Packaged Goods Industry Call to Action,” the newest resource in Shared Assessments’ Building Best Practices series. The report includes a call to strengthen sector resilience, top-line CPG sector survey findings, and detailed actionable insights on solution building considerations for risk professionals to strengthen TPRM programs against third party risks.
Mike Jordan, CPG-VSG staff lead, Senior Director, The Santa Fe Group, notes: “Using standardized content speeds the entire risk assessment process up and lowers costs, but there are certain hurdles that need to be overcome when you’re dealing with large-scale companies. Outsourcers and Vendors need to speak the same language so they can easily and quickly share information from the specific services being offered. Creating a system that allows for easy sharing can only be achieved by working together to understand each other’s needs and difficulties.”
Benchmarking shows that compared to other major industry sectors, the CPG sector has been slow in making program maturity gains in TPRM processes. The sector faces distinct challenges, according to The Shared Assessments Consumer Packaged Goods Vertical Strategy Group (CPG-VSG). Among CPG-specific TPRM challenges:
- CPG-VSG TPRM Program Goals: 87% of respondents reported main TPRM program goals as including protection of intellectual property and data; only 75% cited minimizing supply chain cyber risk, and only 75% cited protecting against reputation risk.
- Scope of Assessment: While 100% of CPG-VSG report their programs assess their information technology (IT), only 75% of respondents currently assess supply chain risk at some level.
- Silos in TPRM focus: Separate silos often exist around corporate IT and manufacturing operational technology (OT), resulting in differing TPRM program priorities. IT security focuses on agility in response to threat environment changes, while OT is focused on production floor efficiency and uptime.
- Co-manufacturer Risks: Comprehensive security and control programs and expensive certifications are often not a priority of co-manufacturer risks.
- Rapidly Expanding Threat Inventory: Integration of digital systems, Industrial Internet of Things (IIoT) devices and cloud computing resources in the manufacturing supply chain makes cooperation among providers of devices and services ever more essential.
Catherine A. Allen, Chairman & CEO, The Santa Fe Group, the managing agent for Shared Assessments, said: “Risk management must not be viewed as a competitive issue among CPG manufacturers. One cybersecurity disruption to downstream supply chain providers can affect many manufacturers, and the complexities of risk management make a unilateral approach to managing third party risk both unproductive and inefficient.”
A CPG Call to Action
In “Consumer Packaged Goods Industry Call to Action,” Shared Assessments calls upon CPG outsourcers and manufacturers and digital ecosystem organizations to:
- Work collaboratively with other companies through industry associations and public-private partnerships.
- Improve Tone at the Top to break down internal silos, so that TPRM efforts can be more effectively coordinated.
- Form, build and sustain cooperative relationships within companies.
- Utilize industry-designed, standardized tools.
- Build critical mass for a CPG-specific TPRM ecosystem, similar to those effectively strengthening the digital ecosystems of other industries.
Allen concludes: “The CPG sector is poised to embrace the simplification offered by a standardized TPRM system, and the shifting threat surface makes this a priority that must be embraced in the boardroom, in the C-suite and by security and risk program management professionals.”
“Consumer Packaged Goods Industry Call to Action” may be downloaded here.
About the Shared Assessments Program
As the only organization that has uniquely positioned and developed standardized resources to bring efficiencies to the market for more than a decade, the Shared Assessments Program has become the trusted source in third party risk assurance. Shared Assessments offers opportunities for members to address global risk management challenges through committees, awareness groups, interest groups and special projects. Join the dialog with peer companies and learn how you can optimize your compliance programs while building a better understanding of what it takes to create a more risk sensitive environment in your organization.
MEDIA CONTACT:
Dan Chmielewski, Madison Alexander PR
(949) 614-0634
dchm@madisonalexanderpr.com