Supplier risk assessment is the process by which an organisation qualifies and quantifies risks associated with a third party: financial, cyber, regulatory, operational and ESG. It enables prioritisation of critical suppliers, calibration of control levels and justification of onboarding or offboarding decisions. It is the operational core of any TPRM programme and the primary input to risk dashboards and KRI monitoring.
