Entries in third-party due diligence (3)
The DOJ and SEC expect diverse functional areas of organizations to participate in compliance risk assessments. Among them are compliance, legal, internal audit, procurement, and finance. Human resources, marketing, and public relations also usually have a role.
I was surprised to hear some financial services industry experts say that many large firms don't always know who their third parties are and what exactly they are doing for the firm.