Know Your Third Party (KY3P)

Have a question about this Solution?
Our AI-powered search engine is continually improving.Learn more

Know Your Third Party (KY3P) is an integrated suite of solutions to manage end-to-end third party and “vendor risk management”. “Third party solutions” and vendor relationships are under increasing scrutiny from regulators, the media and consumers. Fraudsters and other criminal elements target companies' 3rd and 4th parties as the best and easiest route to attack and exploit. As firms increase reliance on “third party vendors” to deliver business-critical processes and services, oversight complexity also increases. We work with our global community of end users to realize best-in-class third party risk management programs.

Our solutions and services designed by the industry drive efficiency, streamline due diligence and deliver transparency across their organizations. There are three major components that form KY3P:

  • Onboarding and oversight provides standardized onboarding, due diligence, inherent risk calculation, oversight and offboarding of third party products, services and outsourcing arrangements. It enables the enforcement of compliance by codifying the organizations’ vendor risk policies and oversight procedures.
  • Due diligence and monitoring helps firms collect and maintain risk information, including cybersecurity and financial ratings, sanctions data, news alerts, cyber event data, and questionnaire responses from third parties that can be used to generate risk scores and drive remediation.
  • Shared assessments delivers “services and software for third party risk assessments.” We offer standardized, cost effective on-site, desktop or express assessments by accredited partners based on market standard criteria delivered through the KY3P platform.

Service Provider Information

At S&P Global Market Intelligence, we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction.
OverviewKey Information

Overview

Key Information

Use Cases

Organizations entrust their third parties with their data and their customers’ data and depend on them for their own delivery of products and services to customers. Outsourcing of core activities is a growing trend, as is the adoption of innovative externally provided technology, and the use of the cloud. Regulators require firms to identify and manage third-party relationships to ensure they have identified, understood and managed the risks involved.


Benefits

Engaging vendors to support your business is a natural way to get support outside of your organization’s core expertise. However, relationships with third parties introduce risks which must be controlled. Third party risks are controlled differently from internal risks. You cannot tell a vendor who to hire, how to build data security or how to comply with regulatory requirements.

Leverage KY3P to help you:

  • Build robust policies and controls to manage third party risk
  • Identify the inherent risk of the product or service provided and understand the vendor's controls by asking questions, making assessments or reviewing external information about the vendor
  • Manage ongoing, risk-based oversight and monitoring of significant events that impact your vendor

Details

  • Installation Requirements
    Cloud-based (AWS) platform and data solution, implementation and configuration required by KY3P. Advisory, Assessment, and Managed Services available.