Step-by-step guide

How to start with third party risk management

Bram Ketting | Founder & Managing director

In a new series of expert blog posts, we will discuss and explain how to start and implement third-party risk within your organisation.

A structured 6-step approach will be used whereby every step will be an explanatory blog post. For the upcoming three weeks, starting the 27th of October (2020), we will publish every Tuesday and Thursday a new article:

  1. Capability setup

  2. Requirements overview

  3. Third-party catalogue 

  4. Segmentation

  5. Due diligence assessments

  6. Risk monitoring & exit

At the end of the series, you will have a good high-level understanding of third-party risk, and you are able to kick start an implementation project within your organisation.

Capability setup

In the first blog post, we will discuss items like TPRM ownership, typical scopes of a TPRM program, hybrid vs distributed organisational setups, second-line involvement and how to start lightweight. 

Start following our LinkedIn page to stay up to date with the latest expert blog posts and industry analyses around third-party risk management.

If you have any questions during or afterwards this series, please feel free to e-mail at, and I am more than happy to provide some additional context or information.



We’d love to hear
from you


We’d love to hear
from you

Send Us a Message