SERVICE PROVIDER EMERGING IMPACT AND PROBABILITY ASSESSMENT SYSTEM

摘要

The present invention embraces a system including a processing device, a memory, and a communication device in communication with a distributed network. The system is configured for assessing and managing risk for a multitude of service providers by receiving service provider information from network feeds over a distributed network and storing such information in a data store prior to analyzing such information to determine an amount of risk an organization assumes based on receiving products or services from a service provider and communicate such information for storage in a data store. The system may further determine risk mitigation controls that may be enacted by an organization in order to mitigate the risk associated with receiving the products or services form the service provider. The system may further generate and present a graphical representation of data relating to the risk.

主权项

1. A service provider risk management system operated by an organization, comprising:
a processor; a memory; a communication interface in communication with a distributed network, the distributed network comprising one or more data stores having service provider information regarding a multitude of service providers stored therein; a service provider risk management module stored in the memory, executable by the processor and configured for:
receiving, via network data feeds through the distributed network, service provider information for the multitude of service providers from the one or more data stores, wherein the multitude of service providers each provide a product or service to the organization, wherein the service provider information includes risk information for each of the multitude of service providers;determining at least one risk area associated with a business practice of the multitude of service providers;determining at least one risk factor associated with the multitude of service providers, wherein the risk factor is a result of the organization transacting with each of the multitude of service providers;calculating an inherent risk score for each of the multitude of service providers based on the service provider information, wherein the inherent risk score is based on the at least one risk area and the at least one risk factor;identifying risk mitigation controls for each of the multitude of service providers to mitigate an impact of the at least one risk factor and a probability of a risk event occurring in the at least one risk area;calculating a residual risk score for each of the multitude of service providers based on the service provider information and identifying the risk mitigation controls for each of the multitude of service providers; andpresenting a graphical representation of at least the inherent risk score and the residual risk score for at least one of the multitude of service providers to a user computing device, whereby the service provider risk management system enables the organization to mitigate risk as a result of the organization receiving the product or service from the multitude of service providers by enacting the risk mitigation controls.