Impact Tolerances

Third-Party Risk Management:

Frequently Asked Questions

Impact Tolerances

What are impact tolerances?

Impact tolerances are descriptions of the tolerance, or levels of acceptance, that an organization will have for instances of disruption to business activities. Impact tolerance is usually described using outcomes and metrics and should be created in relationship with the organization’s risk appetite. It differs from risk appetite because it is assuming that a particular risk event has already happened. There is a greater focus on impact tolerances from regulators who are concerned with operational resilience.

Why are impact tolerances an important component of TPRM programs?

Impact tolerances usually cover severe, but plausible scenarios. As such, international regulators are becoming more comprehensive in their requirements for operational resilience in relation to third-party vendors, and the important role impact tolerances play in third-party risk management (TPRM) programs. Regulatory bodies expect companies to have impact tolerances established within impact tolerance statements, including clear data points and specific processes for their critical services and third-parties.

Share with Your Friends:

Our Expertise
Expertise
Who We Help
Customers

Ready to get started?

Schedule a Personalized Demo