EPRM Risk Specialist

Job Title: External Party Risk Management Specialist

Reports to: EPRM Operations Procurement Team Manager

Department: NBS Procurement

Location: Hyderabad

Job Grade/Band: 7

Job purpose

The External Party Risk Management (EPRM) framework is being introduced to ensure that Novartis is

conducting business with third parties who align to Novartis’ ethical standards. This is achieved by a

robust, proportionate and proactive process to qualify and manage third parties, by which Novartis

protects their business and their patients.

The EPRM Risk Specialist facilitates the end-to-end process including escalations, and provides

administrative support to the overall EPRM Operating Model. The EPRM Risk Specialist will manage

supplier qualification operations and help perform risk assessment procedures to assess and mitigate

risk when engaging external Parties

Major accountabilities

 Facilitate Novartis ongoing compliance with External-Party Management requirements outlined

in Novartis policies and standards

 Execute common, standardized third-party risk management processes managed centrally by

the EPRM including:

o Gathering of documentation and third-party artifacts

o Researching third-party information and inputting data into relevant repositories like

TPRM database,

o Sending third party questionnaire(TPQ) to vendors, liaising with the third party to

complete it, and analyzing it

o Process returned questionnaires and interact with supplier in case of questions or

issues

o Validate the completeness of questionnaire responses and whether any required

additional documentation has been submitted by the Third Party

o Validate the questionnaire responses against the submitted additional documentation

o Analyse and perform first pass review of questionnaires and additional documents, in

particular for automatic no-go criteria and risk indicators

o Coordinating with Risk experts to record documents, and manage risk assessment

timelines

o Support definition and track provide remediation actions

o Execute vendor screening and summarize the output for the risk team

 Support management reporting activities as required

 Participate in training sessions in collaboration with country stakeholders

 Participate in country conference calls and risk reviews where required

 Coordinate and process TPRM assessments, along with on-boarding workflows for Third

Parties requiring assessment

 Identify automation opportunities and promote a continuous improvements culture

 Become Subject Matter expert for the process and guide peers and juniors towards process

excellence

Key performance indicators/Measures of success

Time Management:

 Duration of the Remediation Process is in line with the timeframes defined in the Service SLAs

 Duration of the Operational Escalation Process is in line with the Service SLAs

 Duration of closing CAPAs/improvement plans in line within agreed timeframes

Process Performance:

 Increase number of Third Parties assessed as compared to targets (e.g. how many assessed within a

defined timeframe)

 Clear reporting is available to understand the metrics governing EPRM Framework performance

 Decrease in the number of overdue CAPAs

Ideal background (State the preferred education and experience level)

Education: Bachelor’s Degree is required.

Languages: Excellent English (required), other foreign languages are also an

advantage such as French, German, Russian

Experience: 2-5 years of direct, relevant experience in External-party risk

management or operational risk management is preferred

Qualifications/ Business

Acumen:

Ability to communicate effectively, both verbally and written, to various

levels within the organization.

Proficiency in the use of Microsoft Office 365, Excel, SharePoint, other

workflow tools.

Manage multiple initiatives concurrently.