Third-Party Risk Management (TPRM)

This project aimed to benchmark the Key Risk Indicators (KRI) for Dell in third-party risk management (TPRM) and proposed a framework that could be sustainable and resilient while staying relevant in an evolving risk landscape. This scientific framework is expected to increase the effectiveness of Dell’s risk management. A big part of solutions was generated from analyzing the existing examples of other companies’ TPRM frameworks and how they manage their TPRM teams. The project also wanted to help Dell increase its firm-wide collaborations on TPRM from an outside perspective.

The Capstone team has developed 10 Key Risk Indicators (KRI) other companies currently use, as well as developing solutions that would fit Dell’s current model. These proposals have been considered and conducted under regulations such as GDPR, which requires companies to operate in accordance with data privacy and security laws. In the process, the team has conducted interviews with 8 experts working in this field to pull some insights. Some of the questions that drove the project include: 

• How are other technology companies building their TPRM programs, and what technology solutions are they utilizing to support their requirements?
• How will Dell’s third-party risk management program adapt through acceleration change?