
Venminder Blog


Gordon Rudd, CISSP

Gordon Rudd is a Third Party Risk Officer at Venminder. Gordon has more than 30 years of experience in the financial services industry in the areas of third party risk management, technology, information security, enterprise risk management and GRC (Governance, Risk Management and Compliance) program development. Gordon works with the Venminder delivery team as a third party risk management and cybersecurity subject matter expert in residence.

Recent Posts

Best Practices

Centralizing Vendor Management: What Does the Team Look Like?

Jun 30, 2020

Often, we find that organizations operate their vendor management programs in one of three ways – centralized, decentralized or a hybrid of the two models. As organizations begin to mature, they [...]

Due Diligence

What Is Collected on a Critical Core Vendor?

Jun 10, 2020

The vendor due diligence process inherently means some heavy lifting when it comes to data collection… and with so many different moving parts, it can be easy to miss one or two (or let’s face it [...]

Business Continuity / Disaster Recovery

How to Ensure Vendors Can Return to Normal After the Pandemic

Jun 9, 2020

As Helmuth von Moltke once said, “No plan survives first contact with the enemy.”  We have planned for a pandemic for decades. We have updated our plans and we’ve sat through lessons learned from [...]

Risk Assessment

6 Phases of Conducting a Vendor Risk Assessment

May 13, 2020

There’s no way around it. Risk assessments are work. There are a lot of moving parts and a lot of pieces of information to take into consideration. Like much of life today, it’s good to take a [...]

Cybersecurity

What Your Vendors' Employees Working from Home Means to You

Mar 31, 2020

As the United States begins to settle into the reality of social distancing, working remotely, sanitizing every touch surface and using video conferencing to communicate, where does that leave [...]

Business Continuity / Disaster Recovery

COVID-19 Brings 3 Vendor Management Changes to Know

Mar 25, 2020

Our world has forever changed. The many reasons for this change we watch every day on the news. Every evening on the nightly news we watch people from around the world struggle with the [...]

Best Practices

Champion vs. Challenger Strategy: How Often Do You Challenge a Vendor?

Mar 18, 2020

The “Champion vs. Challenger” strategy has been around for a long time. It’s a tried and true strategy. Some people may refer to it as a best practice in vendor management.  

Risk Assessment

Assessing Vendor Risk: What You Need to Know

Mar 11, 2020

Assessing vendor risk in a complete manner can be a herculean task but is well worth the time investment. Assessing vendor risk keeps you, your organization, customers and stakeholders safe and [...]

Best Practices

4 Important Vendor Management Reminders for the Board

Mar 10, 2020

As a board member for any organization’s board, it’s your responsibility to ensure the organization is pursuing vendors that are compatible with their risk tolerance, strategic objectives and [...]

Risk Assessment

How to Understand Strategic Vendor Risk

Feb 19, 2020

Strategic risk may sound like a rather simple concept, but it’s often overlooked or diminished in preparing a risk assessment. Trust me, it’s one you need to focus squarely on. In fact, it’s the [...]

Best Practices

How Vendor Management Affects Each Department in Your Organization

Feb 18, 2020

Vendor management (VM) is indeed a team sport. At this point in my career, I can assure you that vendor management is a team sport because it takes every department, every line of business, the [...]

Best Practices

What Is the Difference Between a Vendor and Third Party?

Jan 29, 2020

I often hear the two terms vendor and third party vendor used as if they mean essentially the same thing. While this is commonly done, it’s a misconception, or perhaps a misrepresentation, to do [...]

Due Diligence

Why Analyzing Due Diligence Is Critical

Jan 28, 2020

If you’re an organization that collects due diligence on an ongoing basis, that’s great. If you’re an organization that collects due diligence on an ongoing basis and just files it away, then [...]

Risk Assessment

What Is a Third Party Risk Assessment?

Jan 8, 2020

A third party risk assessment is an attempt to quantify the risk associated with a third party vendor that’ll be providing a product or service to your organization. Sometimes referred to as [...]

Cybersecurity

Vendor Cyber Risk Management: Now Is a Good Time to Do Another Check-In

Dec 11, 2019

Tis the season! Third party risk will never be the same. Why is it that cyber thieves, aka hackers, are more active around the holidays? Around Halloween each year, information security [...]

Information Security

Your Vendor's Information Security Control Environment Is Faulty. What Now?

Oct 30, 2019

In a world where information security breaches are all too common, it’s vital that you verify each vendor’s information security control environment is adequate and designed to protect your [...]

Cybersecurity

How to Perform a Vendor Cybersecurity Review

Oct 2, 2019

Venminder’s recent State of Third Party Risk Management survey found that fourth party risk management and cybersecurity are expected to be the next biggest hurdles at many organizations. This [...]

Best Practices

How to Prioritize Vendor Management Tasks

Sep 24, 2019

All too often it's hard to find a place to begin any new project. Prioritizing tasks can be challenging when all seem incredibly important. So, let’s consider this common situation that most of us [...]

Best Practices

How to Onboard a New Vendor

Sep 4, 2019

Businesses don’t run without vendors. You may only have a handful, or you may have hundreds or even thousands, but no matter what, you have at least one. Your telephone service provider is, in [...]

Due Diligence

Vendor Document Management Disasters and How to Handle Them

Aug 28, 2019

I’ve been to a rather significant number of conferences over the course of my career. I’ve found that each session will usually give you at least one pearl of wisdom. However, the gold nuggets we [...]

Best Practices

Why You Need Vendor Management (VM) Not Just Enterprise Risk Management (ERM)

Aug 13, 2019

I was talking to my friend Jeff the other day. Jeff works for a rather large organization. I asked him how he was handling third party risk management. He informed me that his organization has an [...]

Cybersecurity

5 Reasons Why Vendor Cybersecurity Ratings Matter

Jul 24, 2019

Did you know your vendor’s cybersecurity can be rated? Yes, rating a vendor’s cyber preparedness has become the primary due diligence challenge of 2019. In fact, according to our 2019 State of [...]

Best Practices

Interview with Oil and Gas Industry Thought Leader

Jul 22, 2019

Recently, as part of Venminder’s Thought Leadership interview series, I had the opportunity to speak with Michael Donnella, Corporate Compliance Officer at Murphy Oil Corporation, to hear his [...]

Best Practices

How a Vendor Management System Works and Why You Need It

Jul 16, 2019

Dunbar’s Number says that the number of people you can maintain stable relationships with tops out at 150 people. It should be easy to keep up with 150 friends, relatives, coworkers and [...]

Best Practices

Your Vendor’s Disaster Recovery Plans: 8 Things to Watch Out For

Jun 12, 2019

Third party risk management today is like performing a high-wire act without a net. There is so much that can go wrong at any point in time and some things with disastrous consequences. One of the [...]

Financials

5 Results of an Insufficient Vendor Management Budget

Jun 4, 2019

Before I delve into what can happen due to an insufficient vendor management program budget, let’s start with a story. Picture this. You’re the new Chief Information Security Officer (CISO) at a [...]

Business Continuity / Disaster Recovery

What Happens When a Critical Third Party Vendor Doesn’t Have a Good Business Continuity Plan?

May 8, 2019

Business Continuity Planning (BCP) and Disaster Recovery Planning (DR) are the processes of developing, testing and maintaining plans to sustain business resiliency as well as normalize operations [...]

Best Practices

How Mature Is Your Vendor Management Program?

Apr 30, 2019

A topic we hear a lot at industry conferences and during webinars is the maturity of your vendor management program. What exactly does this mean? Let's go through that now...

Financials

What Insurance Should Your Vendors Have?

Apr 24, 2019

For all practical purposes, it’s impossible to discuss the insurance requirements for your third party vendors without discussing the overall risk posture and insurance protection your [...]

Best Practices

Vendor Management vs. Enterprise Risk Management vs. Third Party Risk Management vs. Supplier Relationship Management

Apr 10, 2019

Could it get any more confusing? Ever wonder, “What am I really supposed to be doing?”. Vendor management (VM), enterprise risk management (ERM), third party risk management (TPRM), vendor risk [...]
