Understanding the need for diversity within teams and vendors and embedding into culture
The views and opinions expressed in this article are those of the thought leaders as individuals, and are not attributed to CeFPro or any particular organization.
Shamial Afzal, Head of Strategic Oversight, Legal & General Investment Management
Codee Woo, Strategic Supplier Risk Manager, Legal & General Investment Management
How do you best identify talent?
First and foremost, take some time to understand what you are looking for and build up a profile and visualise what that person/s will be doing.
Although skills and experience play an important part in the process, for me its also about the softer skills and breadth of experience from other sectors that can be easily transferred into a given sector.
I also look out and consider individuals journey and the ‘why’ they want a particular role and how I can help them on their journey by supporting, developing and learning from their experiences, thus creating a win-win solution.
What are the main impacts brought from lack of retaining and developing talent?
For me, if you don’t take the time to nurture talent you can quickly find individuals losing interest and becoming more transactional in nature. This could have a mid-long term performance impact on your business and function.
You may also find lower engagement and development scores across teams which could have an overall impact on firms employee survey results.
The above may result in talent walking out of the door which is not good for all parties concerned.
Why should you implement a single outsourcing and third party management framework across an organisation?
In organisations that are comprised of several entities, a single outsourcing and third party management framework ensures that the quality and depth of supplier oversight is consistent. Global organisations spread across multiple jurisdictions are also overseen by several different regulatory bodies. A single framework brings together those regulatory requirements and aligns processes across countries and entities.
Any incremental local requirements or processes that are not appropriate to be applied to the whole organisation can be covered through local framework addendums. This ensures that they are formally documented and provide clarity for where there may be local divergences from the global framework.
What is the importance of embedding an outsourcing and third party management framework into an organisation using a roadmap?
You may have a perfectly documented outsourcing and third party management framework, however if the processes that underpin the framework are not implemented or followed, the framework will not be effective at managing supplier risk.
Developing and completing a roadmap to embed a framework ensures that any governance steps, activities or processes that need to be implemented or enhanced can be completed against a timeline before the framework goes live. It also provides the opportunity for targeted training and awareness sessions to take place for each stakeholder group within an organisation. This will ensure that stakeholders understand how the framework is important to their role and any steps they need to do to comply with it.
How can you improve the culture of an organisation around managing outsourcing and third party risk?
An organisation’s culture is deep rooted in its structure, systems and people and difficult to change. It is important to develop a strong understanding of an organisation’s culture and any differences across divisions, entities and countries. This will enable training and awareness for outsourcing and third party risk management to be targeted and identify if there are dependencies on the effectiveness of other frameworks within the organisation.
For example, the concept of risk can be poorly understood by many individuals in an organisation and the value of control effectiveness not recognised. Therefore, to successfully improve an organisation’s culture around outsourcing and third party risk with this issue, enhancements from the operational risk team would be required first. Remediation activities may include uplifting processes for identifying, recording and remediating risks and corresponding training to build a risk management culture. Once this is completed, there is a higher chance that training and awareness on outsourcing and third party risk would be better understood, received and followed.
Shamial Afzal and Codee Woo will be speaking at the upcoming Vendor & Third Party Risk Europe Summit
You may also be interested in…
Have you made your free account?