Supplier risk management refers to the set of processes that enable an organisation to identify, assess and mitigate risks associated with its subcontractors and external partners. It covers documentary, financial, cyber, regulatory, ethical and operational aspects. Distinct from simple supplier monitoring, it forms part of a proactive and ongoing approach, now governed by NIS2, DORA and the duty of care, amongst others.
