Back

Provide management support for third party due diligence.


CONTROL ID
08847
CONTROL TYPE
Business Processes
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain supply chain due diligence standards., CC ID: 08846

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • The organization should ensure internal management supports the supply chain due diligence process. (Annex I ¶ 1(B), OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, Second Edition)
  • Senior management should review the due diligence results of the selection process to determine if the third party has the ability to meet the bank's expectations and if the relationship should proceed. ("Due Diligence and Third-Party Selection" ¶ 4, Third-Party Relationships Risk Management Guidance, OCC bulletin 2013-29, October 30, 2013)
  • The board of directors must review the due diligence results and management's recommendations for using third parties for critical activities. ("Board of Directors" Bullet 4, Third-Party Relationships Risk Management Guidance, OCC bulletin 2013-29, October 30, 2013)