TPRM (Third-Party Risk Management) refers to the processes and tools an organization puts in place to identify, assess, and manage risks associated with its third parties — suppliers, subcontractors, and service providers. It covers cyber, financial, regulatory, and ESG risks across the entire supplier relationship lifecycle. In Europe, NIS2, DORA, CSRD, and Sapin II now make it a regulatory imperative.
