Solutions
- Cyber Risk
  
  We bring the best of our collective experience, energy and creative power to fiercely safeguard our clients and fortify their communities.
  
  We bring the best of our collective experience, energy and creative power to fiercely safeguard our clients and fortify their communities.
- Third Party Risk Management
  
  Automate, accelerate and centralise third-party risk management across your critical service providers and other relationships with our market-leading solution.
  
  Automate, accelerate and centralise third-party risk management across your critical service providers and other relationships with our market-leading solution.
- Bank Network Management
  
  The only comprehensive solution for Bank Network Management, supporting most of the world’s largest banks manage their complex global networks, local market exposures and compliance requirements.
  
  The only comprehensive solution for Bank Network Management, supporting most of the world’s largest banks manage their complex global networks, local market exposures and compliance requirements.
- Capital Markets
  
  The world’s leading global advisory practice for financial market infrastructures since 1994, supporting FMIs to manage risk, regulation and market transformation.
  
  The world’s leading global advisory practice for financial market infrastructures since 1994, supporting FMIs to manage risk, regulation and market transformation.
- Funds
  
  We provide independent advice across custody and investment operations, helping our clients achieve best market practices. We also provide a powerful automated solution for Operational Due Diligence (ODD) and Third-Party Risk Management.
  
  We provide independent advice across custody and investment operations, helping our clients achieve best market practices. We also provide a powerful automated solution for Operational Due Diligence (ODD) and Third-Party Risk Management.
Platform
- Orbit Risk
  - Orbit Intelligence
    
    Orbit Intelligence captures your risk landscape, pulling together insights from across the platform. It centralises risk analysis, data, and news on your portfolio of monitored organisations.
    
    Orbit Intelligence captures your risk landscape, pulling together insights from across the platform. It centralises risk analysis, data, and news on your portfolio of monitored organisations.
  - Orbit Diligence
    
    Orbit Diligence automates your DDQ and RFI processes for a wide range of use cases, accessing a library of off-the-shelf questionnaires and risk frameworks, freeing up valuable resources.
    
    Orbit Diligence automates your DDQ and RFI processes for a wide range of use cases, accessing a library of off-the-shelf questionnaires and risk frameworks, freeing up valuable resources.
  - Orbit Security
    Enterprise Cyber Risk
    
    Enhance your cyber risk management by gaining complete visibility over your attack surface. Orbit Security monitors for breaches and vulnerabilities that could be exploited by threat actors, so you can prioritise remediation.
    
    Enhance your cyber risk management by gaining complete visibility over your attack surface. Orbit Security monitors for breaches and vulnerabilities that could be exploited by threat actors, so you can prioritise remediation.
    Third Party Cyber Risk
    
    Manage your exposure to critical third parties with continuous, data-driven monitoring. Analyse any entity’s security posture with Orbit Security Ratings and digitised IT Security questionnaires.
    
    Manage your exposure to critical third parties with continuous, data-driven monitoring. Analyse any entity’s security posture with Orbit Security Ratings and digitised IT Security questionnaires.
    
    Orbit Security Ratings are an automated, powerful way to continuously monitor the cyber security posture of your organisation and the third parties it relies on, with data-driven analytics so you can enhance the security of your ecosystem.
    
    Orbit Security Ratings are an automated, powerful way to continuously monitor the cyber security posture of your organisation and the third parties it relies on, with data-driven analytics so you can enhance the security of your ecosystem.
  Achieve trust, transparency and security with a single platform. A leading solution for companies looking to digitise and automate their risk management, leveraging Intelligence, Diligence and Security.
  
  Achieve trust, transparency and security with a single platform. A leading solution for companies looking to digitise and automate their risk management, leveraging Intelligence, Diligence and Security.
Insights
- eBooks
- Articles
- Webinars
- Whitepapers
- Newsletters
  MONTHLY
  Risk Committee
  Insights into the key events in the world’s banks and markets from our team of analysts, FMI experts and network managers.
  DORA Digest
  Stay ahead of developments as implementation of the Digital Operational Resilience Act enters its final stages.
  WEEKLY
  Cyber Series
  Each week, our cyber security experts take an in-depth look at the key issues and events shaping the digital world.
  MONTHLY
  Risk Committee
  Insights into the key events in the world’s banks and markets from our team of analysts, FMI experts and network managers.
  DORA Digest
  Stay ahead of developments as implementation of the Digital Operational Resilience Act enters its final stages.
  WEEKLY
  Cyber Series
  Each week, our cyber security experts take an in-depth look at the key issues and events shaping the digital world.
Customers
About Us

Under cyber attack?

Call our incident response team 24/7 on +44 (0) 207 459 4888 for immediate help from our friendly experts

16 August 2023

1 min read

How strong are your vendors’ ESG frameworks?

Third-Party Risk Management

About the author

Phoebe Jordan

Managing Director | TPRM

Phoebe Jordan is the Managing Director, Third-Party Risk Management. She first joined the company in 2014 as an intern in the Sub Custody Team. She introduced third-party risk management to Thomas Murray, and currently has responsibility for sales, marketing and product across our third-party risk solution.

A seven-point ESG maturity checklist

Many organisations now support their stakeholders and communities with their environmental, social and governance (ESG) initiatives. Ensuring that these are carried throughout the supply chain can be tricky, as some vendors will have more mature frameworks than others. That’s often a difficult thing to gauge, so we’ve created this checklist to get you started. Are you ready to find out how your third parties measure up?

Remember, this checklist is a starting point that you can tailor to the specific needs and context of your organisation. Regularly reviewing and updating your progress towards your ESG goals, including with third-party assessments, will help drive continuous improvement and demonstrate a commitment to sustainable practices.

As with all due diligence and risk management initiatives, monitoring ESG performance must never be a tick-box exercise. Incorporating ESG principles into your vendor risk management is about cutting through the PR and understanding fundamental risks.

Why not take the test yourself to find out how mature your own organisation’s ESG is?

Orbit Diligence

Orbit Diligence

Automate your DDQ and RFI processes for a wide range of use cases, with access to a library of off-the-shelf questionnaires and risk frameworks.

Contact an expert

Sarah Nelson

Sarah Nelson

Senior SaaS Sales Executive | SaaS sales

snelson@thomasmurray.com

Phoebe Jordan , Managing Director | TPRM

Phoebe Jordan

Managing Director | TPRM

pjordan@thomasmurray.com