Extract from the Institute of Risk Management’s Extended Enterprise study advances benefits of moving from supplier assessment to supplier risk management

SureCloud^®, a supplier of Cloud-based Governance, Risk and Compliance (GRC) solutions, today announced the immediate availability of its paper for enterprise risk practitioners entitled Supplier assurance: advancing from assessment to risk management.  Written by SureCloud CEO, Richard Hibbert, the paper is a short extract from October 2014’s highly influential Institute of Risk Management (IRM) report ‘Extended Enterprise: Managing Risk in Complex 21st Century Organisations’.  The 138-page study calls on companies to take a more proactive stance to supply chain crises rather than implementing new ‘tick box’ compliance processes that further add to complexity. It also provides an analysis of the role behaviour plays in ensuring consistency of culture and practice throughout every link in the chain.

“The IRM first became aware of our in-depth expertise in the field of Third Party Supplier Assurance after seeing us present successful customer implementations at major industry events,” said Richard Hibbert, CEO at SureCloud. “We were obviously thrilled and honoured when they asked us if we would work with them on this ground-breaking and insightful piece of work.”

SureCloud’s paper examines how the vast quantity and transient nature of supplier relationships today demand assurance capabilities that are not only consistent, efficient and scalable, but also provide analytic capabilities. It explains how this gives organisations new competencies to identify, prioritise and reduce operational risks in the supply chain. It pushes the case for establishing a framework that allows controlled business growth and maintains high levels of quality without having to introduce additional levels of complexity.

“The new IRM report shows how the response by enterprise to recent supply chain crises like the horse meat scandal, Rana Plaza or BP has invariably been to introduce extra rules and regulations that add new layers of complexity and ultimately leave workers even more vulnerable,” said Carolyn Williams, technical director, Institute of Risk Management.  “With the support of enlightened partners like SureCloud we aim to change the mind set of risk management executives by persuading them there is greater value in improved process automation and communication than simply relying on conventional ‘tick box compliance’ methods.”

“SureCloud is proud to support this thought-provoking study which will provide risk professionals and executives with an appreciation of the risks posed by direct and arms-length trading relationships, and paves the way for effective management of these risks,” continued Richard Hibbert.  “We are passionate that compliance as a discipline deserves a much higher profile and reports like this one by influential industry bodies like the IRM are changing perceptions by helping enterprises understand how they can use it to achieve tangible benefits.”

An executive summary of the IRM study ‘Extended Enterprise: Managing Risk in Complex 21st Century Organisations’ is available free-of-charge while the full paper may be accessed by IRM members.

About SureCloud^® 

SureCloud helps to automate any Governance, Risk and Compliance (GRC) process, such as Compliance Audits, Policy Management, Risk Assessments or Third Party Assurance programmes. The SureCloud Platform supports an agile approach to implementation and per user pricing, dramatically reducing the total cost of ownership. Established in 2006, SureCloud is a British company based in Reading, Berks, with more than 350 customers throughout the UK from the Retail, Financial Services and Government sectors.