Third-Party Risk Governance Manager
The TPR Governance Manager will lead design of break/fix and enhancement process and technology improvement efforts; Assess BU supplier requests to determine initial risk level; Develop program documentation and training; and Ensure system data maintenance (Supplier Manager role changes, etc.).
Position Responsibilities:
TPR Archer Process Design & Data Maintenance
- Translate regulatory requirements into program elements (SOC/SOX, Consumer Data Privacy and Protection).
- Identify, prioritize, and lead process and system enhancements, manage defect tickets to resolution. Develop associated change management plans and training.
- Develop enhancement projects (write requirements, develop, and execute test plans, troubleshoot system issues).
- Oversee development and maintenance of system data (user contact and employment status, supplier contacts, supplier deactivation at end of contract) and develop linkages to other Comerica and external data sources/systems.
- Develop or update program procedures, job aids, and training materials.
- Write system and TPR communications.
Training & Quality Assurance
- Identify systemic improvements based on analysis of late data, issues, business unit complaints, surveys.
- Develop and administer ongoing Supplier Manager training and job aids for process and system (Archer).
- Provide technical training for supplier managers in contract management (SLAs, key provisions/clauses, business reviews, etc.).
- Conduct quality assurance activities for inherent risk questionnaires, supplier performance reviews, exit strategies, and other process artifacts.
- Assist with program documentation (policies, procedures, frameworks).
- Conduct semi-annual supplier manager forum.
Team and Project Management
- Direct supervisor for contingent and junior analysts.
- Develop and present TPR program during regulatory and audit examinations in support of Program Owner (Mgr Ops and Third-Party Risk).
- Identify coordination opportunities with other Risk functions to share resources, reduce impact to first line, and facilitate common approaches.
- Serve as project manager for responses to audit and regulatory findings.
- Jointly lead (with Cyber) during IT incidents and vulnerabilities that involve suppliers.
Initial Disposition
- Perform initial disposition of supplier requests to determine if the proposed outsourcing requires inclusion under TPR program governance.
- Work with Legal and Procurement to improve contract clauses in response to operational and regulatory changes, lessons learned.
- Review supplier redlines during contract negotiation and recommend what changes are acceptable for service provided.
- Maintain lists of minimally managed and centrally managed suppliers (outside of TPR program governance).
Position Qualifications:
- Bachelor's Degree from an accredited university
- 10 years of financial services experience
- 7 years of Third-Party Risk Management experience
- 5 years of Developing and managing supplier contracts experience
- 5 years of eGRC Archer experience
- 3 years of Project Management experience
Comerica Great Lakes Campus
8:00am - 5:00pm Monday - Friday