Discussing the experiences of delivering third party risk management in a highly regulated environment