Job Description: Job Title: Third Party Risk Management Specialist Location: Bogota, Colombia Contract Term: Permanent About us: Diageo is the world’s leading premium drinks company with an outstanding diverse collection of brands, such as Casamigos and Don Julio tequila’s, Ypióca, Johnnie Walker, Smirnoff, Baileys, Captain Morgan, Tanqueray, and Guinness. Our purpose - Celebrating life, every day, everywhere - has an important role in our company, for our people, our diversity, our brands, in how we perform and how we create shared value. Our ambition is to create the best performing, most trusted and respected Consumer Products Company in the world. To achieve these, we need the world’s very best people. Global Business Services (GBS) is a global multifunctional shared service entity that processes DIAGEO-wide transactions across various world regions. Processes in scope are - Order to Cash (OTC), Source to Pay (STP) and Record to Report (RTR) and Data Services (MDM). GBS is a multicultural, multi-language and matrixed environment. Context to the Role: Our TPRM vision: “We aspire to conduct business with third parties that are ethical and adhere to the same standards as we do, by proactively managing their relationships to have positive impact on our communities, the environment and consequently protect our reputation”. The TPRM solution will act as a single point of entry for all suppliers across the third-party lifecycle covering the in scope six risk domains and using a tailored risk methodology already defined. Our TPRM solution will be the enabler of the programme allowing central visibility and one source of the truth, collaborating with external data feeds for an improved identification of risks. A central capability (“TPRM Control Tower”) will be key to support the business and operate the TPRM framework to drive consistent third party risk management across Diageo.- The TPRM Control Tower is a part of the TPRM function and acts as a first line of defence.- The TPRM Control Tower is seeking an Assessor to support them in conducting third party risk assessments, both at onboarding and throughout the lifecycle as part of Diageo’s TPRM programme.- - This position repots to the Operational Lead of the TPRM Control Tower. Role Purpose & Accountabilities: The Third - Party Risk Specialist (TPRS) role is responsible for executing risk assessments to ensure that the Diageo adequately identifies risk associated with Suppliers, conducts the appropriate due diligence, and puts in place mitigating controls in discussion with Risk domain owners. The TPRM Control Tower Assessor will: - Validate the requests for new third party engagement, working with business or procurement to ensure data is complete and accurate and inherent risks are identified.- Perform initial due diligence activities, complete inherent risk questionnaire (IRQ) and document outcome in the TPRM tool- Coordinate the distribution of assessment questionnaires to the third parties, review submitted questionnaires for completeness and control gaps, and agree remediation actions and plans with the third party with support from the Risk Owners as required. Record all the actions and outcomes in the TPRM tool.- Escalate and report on material risk elements to Risk Owners and leadership, as needed.- Draft third party risk report outlining the recommendations, risks, and agreed remediation activities with the third party.- Escalate any TPRM technology defects or operational issues to the Operational Head of the TPRM Control Tower in a timely manner.- Work in collaboration with cross-functional teams to address information security policy/risk or compliance issues- Responsible for identifying and tracking continuous monitoring activities to ensure the risks associated with vendors has not changed or exceeded risk tolerance thresholds- Perform continuous monitoring on vendor population for external events or impacts- Manage task and remediation action plans for open risks to completion- Escalate past due items to senior leadership- Collaborates within Non-Financial Risk Management teams, Procurement, SMEs and key stakeholders to complete governance assignments as applicable Experience required/Skills/Capabilities/Languages: - Demonstrated ability in a similar role in Third Party Risk Management focussing on anti-bribery and corruption and human rights, Operational Risk, Enterprise Risk, or Internal Audit; overall confirmed experience of Procure to Pay- Bachelor’s degree in related field or equivalent combination of education and/or training- Familiar with third party risk regulations such as FCPA,- Strong understanding of risk management principles- Understanding of vendor inherent risk questionnaires, review of due diligence documentation, and development of mitigating controls- Strong communication skills and ability to deliver difficult messages- Critical thinking and ability to use judgment- Resilient and capability to a