Business Analyst_Supplier Risk Management
Posted 1 week ago by Sush Talent Limited
£325 Per day
Outside
Hybrid
Preston, England, United Kingdom
Summary: The Business Analyst for Supplier Risk Management will support the Third Party Risk Management Framework by conducting data analysis and creating process documentation. This role involves liaising with procurement to analyze supplier data, documenting supplier intake processes, and assessing inherent risks associated with suppliers. The position requires collaboration with delivery partners and stakeholders to ensure comprehensive risk management practices are established and maintained.
Key Responsibilities:
- Support the Third Party Risk Management Framework definition through data analysis and process documentation.
- Liaise with Procurement to analyze supplier data and fill in gaps as necessary.
- Document the supplier intake process and create formal process documentation with MS Visio workflows.
- Document the supplier categorization process and apply it to prioritized suppliers.
- Document the end-to-end supplier assessment process and question domains.
- Collate tracked supplier cyber risks and document mitigation strategies.
- Define ongoing monitoring requirements and re-assessment processes, formally documenting agreed methodologies.
Key Skills:
- Experience in Third Party Risk Management and data analysis.
- Proficiency in process documentation and MS Visio.
- Strong communication skills for liaising with stakeholders and procurement teams.
- Ability to document and assess supplier categorization and risk assessment processes.
- Experience in cyber risk management and mitigation strategies.
- Collaborative approach to working with delivery partners and stakeholders.
Salary (Rate): £325 daily
City: Preston
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: Other
Job Title-Business Analyst_Supplier Risk Management Client-Global Consulting Firm, End customer-Utility Company Day Rate-£300-£325 (Outside IR35) Duration-3-6 months (extendable) Location-Preston (Hybrid, 1 day per week travel required to the office) Experience and Skills :
- To support the Third Party Risk Management Framework definition, primarily supporting with data analysis and process documentation creation.
- Supplier Inventory Analysis - Liaise with Procurement to pull data from systems that harbour supplier data for both IT & non-IT vendors, and populate the data template provided. Where there are gaps in data, BA will need to engage the relevant stakeholders to fill in the gaps.
- Supplier Intake Process - Work closely with the delivery partner team and attend calls/discussions with Procurement to capture meeting minutes and collate a high-level view of the different ways a supplier (or service) can be procured. BA, with the guidance of delivery partner, to produce formal process documentation once the supplier intake process has been agreed with stakeholders, including an MS Visio showing the process flow.
- Inherent Risk Assessment & Supplier Categorisation Process - Under delivery partner guidance, formally document an agreed supplier categorisation process with the MS Visio workflows. Apply categorisation process to the prioritised list of suppliers from the Supplier Inventory Analysis.
- Under delivery partner guidance, formally document the end to end supplier assessment process and question domains.
- Cyber Supplier Risk Library & Action Plans - Collate all tracked supplier cyber risks and themes, work with delivery partner and cyber stakeholders to identify additional risks that need to be added into the risk library. Using templates provided by delivery partner, populate the risk library. Lastly, work with delivery partner to document the mitigation strategies for each risk in the library.
- Ongoing Monitoring & Re-assessment process - Work closely with delivery partner to define ongoing monitoring requirements and a re-assessment process. Agreed processes and methodology to be formally documented.