Role SummaryThe Third Party Management Office (TPMO) Standards, Procedures & Governance Lead will establish and run the TPMO’s standards and procedure governance function, ensuring enterprise-wide third-party lifecycle requirements are clearly documented, effectively governed, kept current, and consistently adhered to. The role is accountable for managing TPMO-owned standards/procedures (including change control and RACI alignment), producing executive-ready risk committee materials, chairing the Third-Party Working Group (TPWG), and driving transparency and escalation around operational performance—particularly where Business Units (BUs) or Corporate Functions are outside defined SLAs for onboarding, due diligence, ongoing monitoring, and quarterly business review (QBR) scorecard updates.
This position aligns closely to the TPMO mandate to own, design, implement, and enforce compliance with third-party management standards and supporting artifacts, and to report on ongoing adherence and timeliness across lifecycle activities.
Primary Responsibilities1) Standards & Procedure Governance (Establish + Run the Function)
- Stand up and operate the TPMO standards/procedures governance model (intake, drafting, review, challenge, approvals, publication, communications, and attestation where applicable).
- Own the end-to-end change control process for TPMO standards, procedures, and supporting artifacts; coordinate review cycles with SMEs and ensure updates reflect regulatory changes and operating model updates.
- Maintain and update the TPMO RACI and embedded role clarity within standards and procedures in accordance with changes in regulatory expectations and internal operating models.
- Drive consistency across TPMO job aids, playbooks, and trainings; identify training needs and produce/coordinate training materials tied to the Third-Party Risk Management Policy, TPM Standard, and supporting artifacts.
2) Risk Committee Materials (Creation, Narrative, and Pack Management)
- Lead development of recurring and ad hoc risk committee reporting packs that provide a consolidated, end‑to‑end view of TPMO performance, risk posture, and control effectiveness across the third‑party lifecycle.
- Translate operational data into executive-ready narratives that highlight execution risks, metric/threshold breaches, functional interdependencies, and resulting risk exposure to support committee oversight and decisioning.
- Coordinate inputs, reviews, and deadlines across TPMO and partner functions to ensure accuracy, consistency, and readiness for governance forums (including final QA and version control).
- Maintain and evolve standardized templates for committee “Description and Purpose,” executive summaries, key points for consideration, recommendations, and next steps (ensuring repeatability month-over-month).
3) Chair the Third-Party Working Group (TPWG)
- Chair the TPWG, set agendas, drive structured decisioning, document outcomes, and manage follow-through on actions and governance commitments, consistent with TPMO’s responsibility to chair the Third-Party Working Group.
- Serve as primary facilitator for cross-functional alignment on lifecycle adherence, policy/standard interpretations, and operational issue resolution; escalate material disputes through defined governance channels as needed.
4) Operational Metrics Oversight & SLA Exception Management
- Own the operational performance review cadence across onboarding, due diligence, ongoing monitoring, issues management, and scorecard/business review execution; identify where BUs/Corporate Functions are past SLAs and drive transparent reporting and escalation.
- Produce SLA-breach insights and “call-outs” that distinguish between throughput constraints, dependency bottlenecks, and business-side execution gaps; ensure risks and remediation plans are reflected in governance materials.
- Partner with process owners to define thresholds, triggers, and escalation paths for aged items, backlog health, and recurring non-adherence themes, aligned to the TPMO expectation to report on timely completion of lifecycle activities and status of outstanding/past due items.
5) Quality Assurance, Exceptions, and Governance Controls
- Oversee QA/QC expectations across key lifecycle artifacts (e.g., risk intake/risk questionnaires, due diligence assessments, monitoring scorecards/business reviews) and ensure procedural controls are documented and measurable.
- Govern and coordinate review/approval of standard-related change requests (e.g., service category adjustments, risk rating adjustments, and other exceptions), including ensuring appropriate review/challenge by governing bodies.
- Support audit, regulatory, and RCSA requests when formally engaged per TPMO leadership expectations and intake practices.
Key Deliverables- TPMO Standards & Procedures Governance Framework (charter, workflow, intake forms, approval matrix, publication process, review cycle calendar).
- Updated TPMO standard/procedure artifacts (including RACI updates and regulatory change alignment).
- Monthly/quarterly risk committee deck package (exec summary, KPI/KRI views, breaches, themes, remediation tracking).
- TPWG agendas, minutes, decisions log, and action tracking.
- SLA exception reporting and escalation log (with trend insights and persistent offenders/themes)
Salary Range:
$70,490 - 119,890 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.