Companies frequently offer a value proposition to their customers that encompasses an increasingly integrated value chain of suppliers, distributors or other providers. Many people don’t differentiate one provider to the “value chain” from any other, but instead perceive all relevant contributors to be part of a single solution provided by the company whose brand is associated with the product or service. Consequently, the offering can be fraught with risks because of the behaviors of those third- party providers. These risks can include bribery, environmental violations, software piracy, health and safety problems, labor law violations, cybersecurity breaches, and other many others.
Depending on the company’s size and complexity, it could have thousands of third-party providers—each with a role in the company’s value chain. And, at the end of the day, the company could be left holding the bag for the actions of these numerous third parties.
So how can audit committees ensure that they are addressing third-party risks on a comprehensive basis and prioritizing the greatest risks?
Read more here: Audit committee excellence series: Oversight of third-party risks for additional insights.
This post originally appeared on PwC’s Governance Insights Center.
