Search Results

Learn more about RiskRecon by Mastercard, a TPRA Champion Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > RiskRecon by Mastercard Risk Ratings/Intelligence Champion Member CONTACT INFORMATION Jonathan Ehret VP of Strategy & Risk jonathan.ehret@riskrecon.com www.riskrecon.com Organizations now largely entrust third parties with their most sensitive data and operational functions. To help safeguard your digital ecosystem from third-party risk, you need simple, real-time visibility of third-party partners’ cyber performance. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Risk assessment Risk Review & Scoring Continuous Monitoring Third-Party Risk Management Supply Chain Risk Management Enterprise Risk Management Unique Custom Risk Prioritization Efficiently Streamlined Risk Management Program Risk Performance Insight Manage Critical Vulnerabilities RESOURCES FROM THIS VENDOR MEMBER 3 Critical Ransomware Lessons for TPRM Professionals VENDOR MEMBER RESOURCE | May 20, 2024 Five Lessons Learned from Over 1000 Ransomware Attacks VENDOR MEMBER RESOURCE | September 11, 2023 Risk Management Insights from 10 Years of Breach Event Monitoring | Whitepaper | RiskRecon VENDOR MEMBER RESOURCE | September 11, 2023 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn about Hilda AndelizGomez, VP. Enterprise Third Party Risk Performance Analyst for Valley Bank, and TPRA's WNTPRM August 2025 Leader Spotlight. < See All < Previous Next > Hilda AndelizGomez VP. Enterprise Third Party Risk Performance Analyst Valley Bank Biography Hilda Andeliz is a Dominican American professional with over 10 years of experience in the banking industry. She began her career in retail banking, where she built a strong foundation in operations and customer relationships. Her path into Third-Party Risk Management wasn’t conventional—but the turning point came when a leader saw beyond her résumé. They believed in her potential, recognized the value of her frontline experience, and opened the door to a new career path. Today, Hilda serves as Vice President, Enterprise Third-Party Risk Performance Analyst at Valley Bank, where she oversees third-party performance, regulatory alignment, and operational resilience. She leads with empathy, collaboration, and a deep commitment to continuous growth for herself and those around her. Hilda has shared her journey and insights at events like CeFPro’s Vendor & Third-Party Risk USA and through Aravo’s webinars, championing the belief that growth in risk management is a shared journey driven by support, connection, and purpose.Hilda holds a Bachelor’s degree in Finance from Rutgers University and is a Certified Third-Party Risk Management Professional (C3PRMP). Leadership Characteristics My leadership characteristics are rooted in empathy, integrity, and collaboration. I lead with purpose and adaptability, always focused on creating environments where people feel empowered to grow, contribute, and thrive. I bring a detail-oriented mindset and a passion for continuous improvement, using data, clear communication, and proactive problem solving to drive meaningful results. Whether it’s regulatory stewardship, vendor partnerships, or cross-functional execution, I approach each challenge with a commitment to learning, inclusion, and long-term impact. I believe strong leadership is not just about outcomes—it’s about how we show up for others and create space for innovation and growth. Leadership Challenges One of the most meaningful leadership challenges I’ve faced was stepping into new roles while leading teams with diverse backgrounds, often including individuals with more industry experience or different learning styles. Navigating these dynamics taught me that leadership isn’t about having all the answers; it’s about showing up with humility, listening actively, and creating space for others to thrive. I’ve learned to adapt my approach to meet people where they are, foster an inclusive environment, and lead with empathy and openness. These experiences, much like my own nontraditional path into Third-Party Risk Management, have reinforced my belief that trust, collaboration, and belief in one another are what truly move teams—and careers—forward. Key Take-a-ways One of my favorite aspects of Third-Party Risk Management(TPRM) is how it goes far beyond oversight—it’s about aligning people, processes, and strategy to strengthen the organization as a whole. At its core, TPRM is relationship-driven. The most effective partnerships are built on trust, transparency, and consistent communication. For me, growth in this space begins from within. It starts with believing in yourself and showing up with purpose, courage, and a willingness to evolve. That mindset has shaped how I lead, collaborate, and contribute to the broader mission of risk management. Fun Fact Outside of work, I find balance and energy in the moments that bring me joy and connection. Whether it’s traveling to new places, spending peaceful days at the beach, or dancing to music that lifts my spirits, these experiences help me recharge and stay grounded. The time I treasure most, however, is the time I spend with my daughter. From exploring new adventures to sharing quiet, everyday moments, being with her reminds me of what truly matters. She inspires me to approach life and work with intention, purpose, and gratitude, constantly shaping the example I strive to set for her.

Learn about Darla Graff, Third Party Risk Manager for Erie Insurance, and TPRA's WNTPRM May 2024 Leader Spotlight. < See All < Previous Next > Darla Graff Third Party Risk Manager Erie Insurance Biography Third Party Risk and Cybersecurity leader with experience in building and managing comprehensive and effective Third Party Risk Management programs and high-performing teams. Over 25 years of experience across multiple domains including third party risk management, cybersecurity, privacy, business resiliency, IT, regulatory compliance (PCI, HIPAA, SOX, NYDFS) and IT audit. Certifications: CISM, CISA, CRISC, CDPSE, CTPRP, CTPRA. Leadership Characteristics Passionate, enthusiastic, collaborative, and inclusive. Effectively manages by empowering others, strategic and forward thinking, and through risk-based decision-making. Leadership Challenges Maintaining strategic alignment of the Third Party Risk Management program with the rapid advancement and growth of the business, innovation, and technology, while simultaneously optimizing the processes to assess, monitor and reduce risks related to the use of third parties. Key Take-a-ways Third Party Risk Management has been a dynamic and rewarding career, with opportunities to make a positive impact. It requires a unique skillset that combines strong communication skills, business knowledge, collaboration, with an in-depth understanding of emerging risks, threats, and new technology, which keeps the work interesting and challenging. Also requires specialized technical knowledge and competency in multiple risk domains including risk management, cyber security, privacy, and business resiliency. Third Party Risk Management continues to increase in importance and often the largest risk to organizations as they continue to increase their dependency on third parties by outsourcing business operations, which provides visibility at the top of the organization including the Board of Directors. Fun Fact "I am a fine art, nature, and wildlife photographer operating my own business. My photographic art is available for purchase at local galleries, art exhibits, and my website."

Learn more about FAIR Institute, a TPRA Strategic Partner, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > FAIR Institute Research & Educational Community Strategic Partner CONTACT INFORMATION Luke Bader Director Membership and Programs lbader@fairinstitute.org Watch Video The FAIR Institute is a research-driven not-for-profit organization dedicated to advancing the discipline of cyber and operational risk management through education, standards and collaboration.The Institute is made up of forward-thinking risk officers, cybersecurity leaders and business executives that operates with a central mission:“Establish and promote risk management best practices that empower security and risk professionals to collaborate with their business partners on achieving the right balance between protecting the organization and running the business.”Factor Analysis of Information Risk (FAIR™) is the framework and the driver behind our mission. TOP PRODUCT FUNCTIONALITY CATEGORIES Cyber Risk Management Cyber Risk Quantification Third Party Risk Management AI Risk Controls Efficacy Board Reporting Decision Making Cost-Benefit Analysis Measuring Materiality Meeting Regulations RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER FAIR Third-Party Risk Management Specialization Virtual Training Course February 9, 2026 Building Stronger Risk Cultures: Understanding and Applying the Organisational Risk Culture Standard (ORCS) Live Webinar February 18, 2026 NEWS & UPDATES ADDITIONAL OPPORTUNITIES Use Code "TPRAFAIRCON25CODE" for 75% off FAIR Conference DISCOUNT TPRA Members can take advantage of this exclusive opportunity! Use code " TPRAFAIRCON25CODE " to get 75% off FAIR Conference tickets! This cyber risk management event will be held November 4 – 5, 2025 , in New York City . Visit the Website Previous Next

< Previous View Resource Library Next > VIDEOS TPRM 101: Risk Identification Risk Identification is the fourth section of the Pre-Contract Due Diligence phase in the TPRM lifecycle. This video explores how to identify and categorize risks associated with third-party engagements—before contracts are signed and services begin. Key features include: Techniques for gathering data and documentation from vendors Risk domains to evaluate (e.g., information security, financial viability, compliance) How to align findings with business expectations and regulatory exposure Common red flags and how to investigate them further WATCH

Get to know Kim LaBarbiera, TPRA Board Member, and a member of TPRA's Board of Directors! < Back Kim LaBarbiera TPRA Board Member BOARD OF DIRECTORS Kim M. LaBarbiera is a Board Member for TPRA and specializes in Cybersecurity, Resilience, and Third-Party Risk Management; FinTech; payment processing; bank vendor risk; open banking; compliance audit functions; regulatory requirements; cloud computing and lobbying. Prior to working at American Express, Kim held various legal, compliance, and risk roles at: Goldman, Sachs, USAA, Lloyds Bank, and Société General, among other global financial institutions. Kim holds a BA from Boston College, JD from Seton Hall Law School, and LLM from Georgetown University. She is GDPR, CAMS, CTPRP certified and is pursuing an Executive AI Certification at MIT. She has previously held equity and options principal licenses. Next >

Get to know Heather Kadavy, TPRA's Director of Membership Success! < Back Heather Kadavy Director of Membership Success SENIOR STAFF Heather Kadavy is the Director of Membership Success at the Third Party Risk Association (TPRA) , where she advances the global Third-Party Risk Management (TPRM) community by connecting practitioners, service providers, and thought leaders across the broader GRC ecosystem. With nearly 35 years of experience in financial services , Heather brings deep expertise across TPRM, Enterprise Risk Management, Cybersecurity, Information security, Business Resiliency, Vendor Governance, and Regulatory Risk . Prior to joining TPRA in 2023, she led and matured multiple enterprise-wide risk programs at a Nebraska-based financial institution, overseeing more than 1,000 third-party relationships , due diligence processes, and contract management activities. She has also provided independent TPRM executive consulting to organizations seeking to strengthen their programs and practices. A passionate educator and facilitator, Heather has designed and delivered risk and compliance training for thousands and has served in leadership and board roles supporting local, regional, and statewide peer collaborations among financial institutions, regulators, law enforcement, and industry organizations. Known as a natural connector , Heather believes meaningful relationships are the foundation of strong risk management. Her approach blends technical expertise with kindness, clarity, and collaboration , helping individuals and organizations grow their influence while strengthening the TPRM profession. Heather holds a bachelor's degree in accounting from the University of Nebraska–Lincoln and has held multiple professional certifications, including but not limited to: Certified Enterprise Risk Professional (CERP) , Certified Third Party Risk Management (CTPRM) , and Certified Banking Vendor Manager (CBVM) . Based in Lincoln, Nebraska , Heather enjoys volunteering, puzzles, baking, and time with family and friends. She welcomes connection through TPRA and LinkedIn to continue the TPRM Global Conversation . Next >

FOR IMMEDIATE RELEASE TPRA Announces Launch of New Learning Management System for Certification and Certificate Programs Monday, November 17, 2025 TPRA's new training and examination site on the Inspire360 platform. The Third Party Risk Association (TPRA) will be moving its professional training and certification platform to Inspire360 in January of 2026 ANKENY, IOWA — NOVEMBER 17, 2025 — The Third Party Risk Association (TPRA) is pleased to announce the upcoming launch of its new educational platform and Learning Management System (LMS) in January 2026 . This transition marks an exciting step forward in TPRA’s mission to enhance the learning experience for risk management professionals around the globe. The new LMS will offer a more engaging and streamlined experience , allowing registrants to easily navigate between trainings, exams, and certifications. Registrants will also be able to upload and track their continuing professional education (CPE) credits. With improved functionality and user-friendly design, TPRA aims to provide a centralized space where all education-related activities—from registration to completion—can be accessed with ease. “Our goal is to create a modern, intuitive learning environment that supports every stage of a registrant’s certification journey,” said Julie Gaiaschi, TPRA’s CEO & Co-Founder. “This upgrade reflects our commitment to continuous improvement and to meeting the evolving needs of our professional community.” Migration from Current System TPRA will suspend TPCRA registration on its website beginning on Wednesday, November 17 th, through December 31, 2025, to allow for the transition to the new platform. Those who have previously registered through the old system but are still in the process of completing TPCRA training and/or their examination will be automatically transferred to the new system and contacted by TPRA if additional information is needed. What to Expect Launch Date for the new Learning System: January 7, 2026 New Platform: Inspire 360 User Setup: On launch day, all current learners will receive an email from support+tpra@inspire360.com with the subject line “Update Your Account.” This one-time-use link will allow users to set their password and verify their account. Welcome Experience: After verification, users will receive a Welcome Email with step-by-step guidance on navigating the new system. Continuity of Learning: Learners who are already certified will see their certification in the new system. Those currently in the process of the TPCRA will complete their training and examination requirements in the current system. Support and Assistance Technical Support: support+tpra@inspire360.com Education Support: hilary.jewhurst@tprassociation.org TPRA will send additional communications leading up to the transition to ensure a smooth and seamless experience for all registrants. “We deeply appreciate the continued support of our members and learners,” added Julie Gaiaschi. “We’re excited to unveil the new features and capabilities this platform will offer as we continue to advance education in third party risk management.” About TPRA The Third Party Risk Association (TPRA) is a non-profit organization dedicated to advancing the profession of third party risk management (TPRM) through collaboration, education, and community engagement. TPRA supports practitioners and organizations around the world with resources, training, and networking opportunities that strengthen risk management programs and professional development. MEDIA CONTACT Meghan Schrader Marketing & Communications Manager Third Party Risk Association (TPRA) meghan.schrader@tprassociation.org https://www.tprassociation.org/ FOR MORE INFORMATION https://tpra.inspire360.com/ Previous Next

FOR IMMEDIATE RELEASE Exiger Named 2024 Innovator Award Winner Thursday, April 11, 2024 Robert Huff (left), Senior Vice President, Third-Party & Supply Chain Risk Management Solutions for Exiger, accepts the 2024 Innovator Award from Julie Gaiaschi (right), CEO & Co-founder of the Third Party Risk Association (TPRA) at TPRA's 2024 In-Person Conference in Phoenix, AZ. Exiger Named Third Party Risk Association's (TPRA) 2024 Third Party Risk Management (TPRM) Service Provider Innovator Award Winner PHOENIX, ARIZONA — APRIL 11, 2024 — At the Third Party Risk Association’s (TPRA) 2024 TPRM Conference, “Third Party Risk Madness” in Phoenix, Arizona, TPRA announced Exiger as the 2024 winner for their TPRM Service Provider Innovator Award. “We couldn’t be more excited! Thank you to all of the judges, all of the TPRA leadership, and the TPRM community,” said Brandon Daniels, Chief Executive Officer at Exiger. “Let’s make the world a safer and more transparent place for our customers to succeed!” TPRA had 24 total Service Provider nominations for this award, with 6 organizations chosen to be finalists in the award process. Despite the difficult selection process given the many outstanding service providers, the TPRA Board of Directors and select Practitioners chose Exiger as the overall winner. “What intrigued us the most about this organization is, not only do they obtain large amounts of data and correlate that data against a set of controls and regulations to determine current risks, but the correlation of that information via AI allows them to also provide you with leading risk indicators,” Julie Gaiaschi, CEO & Co-founder of the Third Party Risk Association, noted during her announcement speech. One example of this is that Exiger can provide customers with specific risks as they relate to a piece of software via CVE and the software assessment itself, but also provide leading risk indictors of how the software was developed. Not only does Exiger look at cyber risk, but also financial health, operational, regulatory, reputational, and criminal risk (which includes export controls). Because of their connection to the government, they map regulations to controls and artifacts, as well to determine regulatory compliance, via artificial intelligence (AI). When asked how they maintain the regulatory compliance side with so many new and changing regulations, Exiger stated they are, “...looking at each rule via AI and assessing changes and updates to the policy, rulemaking, or legislation on a regular basis.” In addition, they meet with regulators to help define legislation to ensure they can validate specific controls. The last piece that intrigued TPRA judges was their ability to perform root cause analysis of findings. Their AI model can articulate why risks exist through natural language prompts and provide the evidence it found to support the finding. For all these reasons and more, TPRA selected Exiger as their 2024 TPRM Service Provider Innovator Award winner. About Exiger Exiger got their start in terms of large scale TPRM in this sector with the Defense Counter Intelligence Agency and within the last few years have now branched out into the commercial space (which now makes up the majority of their business). Within the commercial sector, the majority of their clients are in healthcare, Information Communication Technology, and Advanced Manufacturing (or critical infrastructure). They are now seeing an increase in retail as well, post-COVID. Exiger is actively working to simplify the user experience by identifying risk no matter what domain it is in via not only open and privately procured sources, but also by correlating information obtained and within regulations via AI. Their mission is to provide a safer and more transparent space for customers to succeed. For more information about Exiger and their innovative approaches to identifying and mitigating third party risk, visit www.exiger.com . About the Award One of the objectives of the Third Party Risk Association (TPRA) is to promote the value that Third Party Risk Management (TPRM) Service Providers add with regards to advancing the TPRM industry as a whole. In support of this objective, the TPRA created the TPRM Service Provider Innovator Award to recognize all the work TPRM Service Providers put into delivering innovative, efficient, and effective tools and techniques for Practitioners to leverage to assess, mitigate, and manage the risk of third parties. After reviewing the initial applications, TPRA’s seven judges chose six organizations as finalists in the award process. The team of judges then met with these organizations individually to further discuss their application, where they see their organizations headed within the next five years, what they would change about the TPRM industry, and why social responsibility is important to them. “These organizations are all innovative in their own right,” TPRA noted in their initial announcement. “While this award is simply a visible recognition for one, all of these organizations are doing so many innovative and important things to better mitigate risk, improve processing times, reduce resource workload, and provide more meaningful risk identification and mitigation techniques.” This award recognizes a TPRM Service Provider organization that: offers a product and/or service to the TPRM Practitioner community at large to assist with identifying, assessing, monitoring, and/or mitigating third party risk, actively advances the industry through pioneering and/or innovating TPRM solutions/services, regularly collaborates with Practitioners, Regulators, and/or other Service Providers in the creation, implementation, and/or delivery of their innovative products/services, and advocates for and exemplifies social responsibility and philanthropy. Any TPRM Service Provider organization may apply for this award, regardless of membership with the TPRA. “We are extremely grateful to every one of the 24 innovative service provider organizations that applied this year. We look forward to getting to know even more awesome organizations in the coming years and giving them their due recognition through our Innovator Award Program,” Gaiaschi said in closing. ### The Third Party Risk Association was created out of a necessity to build a community of like-minded third party risk professionals to allow for the sharing of best practices, exchanging of ideas, and influencing of an industry. This organization is a 501(c)(6) not- for-profit. MEDIA CONTACT Meghan Schrader Meghan.schrader@tprassociation.org www.tprassociation.org FOR MORE INFORMATION https://www.tprassociation.org/innovator-award Previous Next

LIVE WEBINAR Roundtable: TPRA Year In Review / Look Ahead + FUN! Thursday, December 10, 2026 Date & Time Thursday, December 10, 2026 at 4:00:00 PM UTC Intended Audience All TPRM Professionals Duration 1 hr CPE Credits 1 Fee Free Register Event Description Wrap up the year with us on December 10, 2026, from 10:00 to 11:00 AM CT for a reflective and forward-looking roundtable. This festive session will celebrate the TPRM community’s 2026 milestones, review key lessons learned, and preview upcoming initiatives and trends for 2027. In addition to valuable insights, enjoy interactive discussions, lighthearted activities, and an opportunity to connect with peers as we close out the year on a positive and energized note. Show More SPEAKER(S) INFORMATION CPE CREDIT FACILITATED BY Julie Gaiaschi CEO & Co-Founder | Third Party Risk Association (TPRA) Julie Gaiaschi, CISA, CISM, is the CEO & Co-Founder of the Third Party Risk Association (TPRA). She has over 15 years of technology and information security risk experience, with the last 10 years specializing in third party risk identification and mitigation techniques. In her role as CEO, she provides strategic direction for the non-profit, whose mission it is to further the third party risk profession through knowledge sharing and networking. She also has a passion for helping others enhance their own third party risk management programs. In 2021, Julie was awarded " CEO of the Year " by Women in Governance, Risk, and Compliance. Prior to co-founding the TPRA, Julie consulted on third party risk for a large bank. She also developed and led a large health payer organization’s Third Party Security program. There, she established and executed the third party risk assessment process, which included integration into the Procurement process. Prior to her role as the leader over Third Party Security, Julie was a Senior IT Auditor. Julie resides in Iowa with her husband and two girls. She enjoys traveling and cooking. About These Meetings Monthly Member Meetings are held every second Thursday of the month. Join us for relevant and informative roundtables, panels, and/or presentations on TPRM topics and pain points our members noted within the 2025 end-of-year survey. Who Should Attend All TPRM professionals are invited to these events, including TPRA Practitioner Members, TPRA Vendor Members, and Non-members. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . TPRA Members are eligible to receive 0.5 CPE credits for every 30 minutes of the LIVE meeting that they attend. (Ex. Attend for 30 minutes = 0.5 CPE credits. Attend for 1 hour = 1 CPE credits). CPE Credit will be issued upon completion of the post-event survey. Please allow at least one week following the event to receive your CPE certificate.

Learn more about Atlas Systems, a TPRA Partner Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Atlas Systems TPRM Platform Partner Member CONTACT INFORMATION Email: sales@atlassystems.com Phone: +1 (609) 647-9299 Address: 1 Tower Center Blvd, Suite 2202 East Brunswick, NJ 08816-1145 United States ComplyScore® by Atlas Systems is an AI-enabled Third-Party Risk Management (TPRM) platform, empowering organizations to proactively identify, assess, and mitigate vendor-related risks across cybersecurity, privacy, compliance, legal, and operational domains. With over 100 clients in 65+ countries, ComplyScore® delivers end-to-end risk management through automated workflows, real-time monitoring, dynamic dashboards, and risk tiering capabilities. ComplyScore® also integrates industry frameworks (SOC2, HIPAA, NIST, ISO 27001, HITRUST) to ensure regulatory alignment, while its Third-Party Risk Assessment-as-a-Service model acts as an extension of enterprise risk teams—enhancing compliance, performance, and resilience. TOP PRODUCT FUNCTIONALITY CATEGORIES Third-Party Risk Management Comprehensive lifecycle management of third-party risks, from onboarding to offboarding. Cybersecurity Risk Assessment Evaluate vendor cybersecurity posture through integrated assessments and threat intelligence. Privacy & Data Protection Compliance Ensure adherence to global regulations like DPDP, GDPR, HIPAA, and more. Vendor Governance & Lifecycle Management Centralized governance with workflows to manage vendor onboarding, performance, and offboarding. Risk-Based Vendor Tiering & Inherent Risk Reports Instantly generate inherent risk reports using public and third-party data to drive automated tiering. Continuous Monitoring & Risk Alerts Real-time alerts and continuous monitoring powered by integrations with providers like D&B and RiskRecon. Intelligent Questionnaire Modules AI-driven dynamic questionnaires tailored to vendor type and risk profile. Contract Management Full contract lifecycle management, including creation, tracking, renewals, and SLA compliance. Regulatory Compliance Tracking Map and track controls against frameworks like SOC 2, NIST, ISO, etc. Real-Time Reporting & Custom Dashboards Role-based dashboards with real-time insights, trends, and exportable reports. RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES Atlas Systems Named a Representative Vendor in 2025 Gartner® Market Guide for Third-Party Risk Management Technology Solutions July 28, 2025 ADDITIONAL OPPORTUNITIES Previous Next

Supply Wisdom is dedicated to ensuring equality and diversity within its organization, enabling these goals through its programs, policies, and practices.  < Back Supply Wisdom is dedicated to ensuring equality and diversity within its organization, enabling these goals through its programs, policies, and practices. 58% of Supply Wisdom employees are women 50% of Supply Wisdom's executive team are women Their Story Supply Wisdom provides a real-time, continuous monitoring platform that delivers actionable risk intelligence across multiple domains to help businesses proactively manage and mitigate third-party and supply chain risks. “What we're really looking to do is bring third party risk management to a more automated, real-time solution, instead of the historic, kind of archaic, questionnaire-focused point-in-time assessments,” Jenna Wells, Chief Customer & Product Officer of Supply Wisdom, said in an interview with TPRA. Supply Wisdom’s platform aims to be a one-stop solution for managing key vendors and locations, with alerts, comprehensive risk reports, interactive dashboards, and more. But that isn’t all they do. Supply Wisdom is dedicated to ensuring equality and diversity within their organization, enabling these goals through their programs, policies, and practices. TPRA interviewed Supply Wisdom staff to get a better idea of how they uplift and support women, and to gain details of actionable practices other organizations can take to ensure the same. How does your company support women's professional networks and mentorship opportunities, both within the organization and in the wider industry? In a field traditionally dominated by men, Supply Wisdom stands out with 58% of employees, as well as 50% of their executive team, being women. “When you have women representatives in high levels of the company and areas of leadership across the company, that's the most important foundation that you can have to ensure that women are being promoted and heard across the organization,” Hannah Ford, Head of Product, said. “And being seen in the industry as leaders, is by having them in that position.” What programs does Supply Wisdom have in place to support the career development and advancement of women within the organization? Supply Wisdom has instituted a Skill Development Program, managed by their talent team, during which employees are encouraged to work with their managers to identify areas they would like to skill-up, and then the company financially supporting those areas to see that goal realized. “It really helps a lot of the women who are younger in their careers, who want to skill up in areas, maybe traditionally, they wouldn't have had the opportunity to, or didn't have the financial means to,” Wells shared. Can you provide examples of how your organization has celebrated and recognized the achievements of women employees? Supply Wisdom has a quarterly nomination program which is designed to encourage and reward significant individual/team contributions. They consistently receive nominations for women who are considered “Champions” within the company, and announce awards during their quarterly, all-staff Recognition Townhall meetings. “I think that's a really great way as well where the leadership can work together to nominate some employees who might not have that same exposure that we do,” Wells said. “We really push hard to make sure that, the people that we are recognizing are not the ones that do the most politicking around the water cooler, but are the ones that actually get the work done and are the highest performers,” Tom Thimot, CEO of Supply Wisdom, said. What measures are in place to ensure a supportive and inclusive work environment for women, including policies on work-life balance, parental leave, and flexible working arrangements? Flexible Time Off Policy Supply Wisdom utilizes a “flex time off” policy that gives employees the flexibility to take time off when needed, without being restricted by a set number of vacation or personal days. Below is an overview of their policy: Unlimited Time Off: Employees are not given a fixed number of vacation or sick days. Instead, they can request time off as needed for vacations, personal matters, or illness, subject to management approval. Manager Approval: While time off is "unlimited," employees need to coordinate with their managers to ensure their absence won't negatively affect work or team performance. This helps balance flexibility with business needs. Work Output Focus: The emphasis is on performance and meeting goals rather than tracking the exact number of days worked. Employees are trusted to manage their own schedules responsibly, focusing on productivity rather than time spent in the office. No Accrual or Payout: Since time off is flexible and unlimited, there’s no accrual of days or payout for unused days at the end of employment. In traditional PTO policies, employees might accumulate vacation days, which would be paid out if they leave the company, but this is not the case with flex time. Encouragement to Take Time Off: Supply Wisdom encourages employees to take a minimum number of days off per year to promote a healthy work-life balance. They track days off and send regular reminders to employees who aren't taking time off. Fair Use Expectations: They set guidelines to prevent abuse of the policy, ensuring employees don’t take excessive time off that could disrupt work or set an unfair precedent for others. “I feel like it really enables especially women, who many times are the caregivers in their homes,” Wells noted. “They're taking care of children, they're taking care of parents; there's so many other responsibilities, and having that flexibility that is encompassing this organization, I think is really helpful.” Sowmya Krishnaswamy, Chief Technology Officer of Supply Wisdom, noted that caregiving is often a women-oriented responsibility in Indian culture. “Because of these policies, it helps me a lot to focus on my family and other things, and as well as my career,” Krishnaswamy said. Parental Leave Policy In addition, Supply Wisdom’s parental leave policy is designed with families in mind, offering 12 weeks of fully paid time off for both mothers and fathers. This benefit applies to the birth, adoption, or foster care of a child, reflecting their commitment to supporting employees during these pivotal moments in life. This policy stands out for several reasons: Gender-Inclusive: By offering equal time off to both parents, regardless of gender, they ensure that all employees have the opportunity to bond with their child and support their family without financial strain. Work-Life Balance: Supply Wisdom recognizes that balancing professional responsibilities and family life is key to employee well-being. With 12 weeks of paid leave, parents can take the necessary time to adjust to new family dynamics while maintaining job security and income stability. Adoption & Foster Care Support: Unlike some policies that only focus on childbirth, Supply Wisdom’s leave extends to parents welcoming a child through adoption or foster care, emphasizing their belief that every family deserves equal support. No Disability or Supplemental Pay Required: Supply Wisdom’s policy provides full pay for the entire leave period, eliminating the need for employees to navigate disability pay or supplemental income programs. This simplicity allows parents to focus fully on their new family responsibilities without the stress of managing financial details. Short-Term Disability Benefits for Expectant Mothers: Expectant mothers who deliver their child can also apply for short-term disability benefits, in addition to the 12 weeks of paid parental leave. This ensures that they receive the necessary medical support during recovery while still being eligible for the full parental leave afterward. Employee Retention & Loyalty: By prioritizing parental leave, Supply Wisdom fosters a culture that values and supports work-life balance, which helps retain top talent and build long-term loyalty. Supply Wisdom’s comprehensive approach ensures that employees can focus on what matters most—family—while maintaining confidence in their role and career progression within the company. How does your organization engage men as allies in promoting gender equality and supporting women in the workplace? How does your organization address and prevent gender bias in hiring, promotions, and performance evaluations? Supply Wisdom has a zero-tolerance policy when it comes to bias and discrimination, ensuring that, in their hiring practices and performance reviews, they measure people only on job performance and results. In the event a leader demonstrates an inability to be an ally and measure objectively, Supply Wisdom upper management will reevaluate that person's place within the company. “You walk the talk, right?” Thimot stated. “If the CEO is an ally and they know that people are only getting measured on one thing, and that's aptitude and their delivery on results, people get the message. The ‘good old boy’ network does not exist here.” “Just the nature of the structure of our company is really doing the most, in my opinion, to ensure that women across the organization are elevated and have their voices heard,” Ford shared. TPRA is proud to highlight an organization that not only excels in TPRM but is also committed to gender equality and diversity. We believe that empowering women in the workplace leads to stronger, more resilient businesses. In that regard, Supply Wisdom is leading by example, creating opportunities for women to thrive and setting new standards for the industry. CAREER OPPORTUNITIES WITH THIS ORGANIZATION (IF PROVIDED) Previous Next