Third Party Risk Governance Manager – Hybrid/Remote


Farmington Hills, MI Apr 8
Apply now

Third-Party Risk Governance Manager

The TPR Governance Manager will lead design of break/fix and enhancement process and technology improvement efforts; Assess BU supplier requests to determine initial risk level; Develop program documentation and training; and Ensure system data maintenance (Supplier Manager role changes, etc.).

Position Responsibilities:
TPR Archer Process Design & Data Maintenance
Translate regulatory requirements into program elements (SOC/SOX, Consumer Data Privacy and Protection).
Identify, prioritize, and lead process and system enhancements, manage defect tickets to resolution. Develop associated change management plans and training.
Develop enhancement projects (write requirements, develop, and execute test plans, troubleshoot system issues).
Oversee development and maintenance of system data (user contact and employment status, supplier contacts, supplier deactivation at end of contract) and develop linkages to other Comerica and external data sources/systems.
Develop or update program procedures, job aids, and training materials.
Write system and TPR communications.
Training & Quality Assurance
Identify systemic improvements based on analysis of late data, issues, business unit complaints, surveys.
Develop and administer ongoing Supplier Manager training and job aids for process and system (Archer).
Provide technical training for supplier managers in contract management (SLAs, key provisions/clauses, business reviews, etc.).
Conduct quality assurance activities for inherent risk questionnaires, supplier performance reviews, exit strategies, and other process artifacts.
Assist with program documentation (policies, procedures, frameworks).
Conduct semi-annual supplier manager forum.
Team and Project Management
Direct supervisor for contingent and junior analysts.
Develop and present TPR program during regulatory and audit examinations in support of Program Owner (Mgr Ops and Third-Party Risk).
Identify coordination opportunities with other Risk functions to share resources, reduce impact to first line, and facilitate common approaches.
Serve as project manager for responses to audit and regulatory findings.
Jointly lead (with Cyber) during IT incidents and vulnerabilities that involve suppliers.
Initial Disposition
Perform initial disposition of supplier requests to determine if the proposed outsourcing requires inclusion under TPR program governance.
Work with Legal and Procurement to improve contract clauses in response to operational and regulatory changes, lessons learned.
Review supplier redlines during contract negotiation and recommend what changes are acceptable for service provided.
Maintain lists of minimally managed and centrally managed suppliers (outside of TPR program governance).

Position Qualifications:
Bachelor's Degree from an accredited university
10 years of financial services experience
7 years of Third-Party Risk Management experience
5 years of Developing and managing supplier contracts experience
5 years of eGRC Archer experience
3 years of Project Management experience
Comerica Great Lakes Campus
8:00am - 5:00pm Monday - Friday