Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


Vendor Management: Disaster Recovery

3 min read
Featured Image

Updated May of 2019

There is never a shortage of reporting on the various disasters that happen in this country, however, there is rarely any focus on “recovery.” Most managers would define recovery as completely back to pre-disaster operations.

In reality, what we really want is a quick, adequate return to some level of service without any customer criticism. (As a quick definition: if you get complete recovery quickly, you did not have a disaster, just an interruption of service level.)

Know Your Disaster Recovery Plan

Most vendor managers when assessing a vendor’s readiness have disaster recovery upside down. Our first instinct is to ask our vendors if they have a plan; then we check the box. We might even go so far as to ask when it was last tested; check another box.

The question we fail to ask is,“if our high risk vendor does have a disaster what is OUR recovery plan?” It's appropriate to demand that our vendors share with us what they would do if an outage occurs. But, we are talking about a disaster, one that might involve substantial down time. It's a grand academic exercise to review all the steps our unfortunate provider intends to take to resume service, but since we're sharing in a disaster, the focus for each organization needs to be on what the organization can do to recover in the eyes of their customers.

Strengthening Your Plan  

Here is where you need to start: review the vendor’s disaster recovery TEST results.

  • All plans look really good, but do they work?
  • When was their last test? Was it a complete test or just a “table top” or mock exercise?
  • What were the findings and items that need to be corrected?
  • What are the specific steps and when do they intend to notify their customers (you) regarding the status of recovery?

You will never be able to manage your recovery without timely information from your vendor. Reread that last sentence again. In your customer’s eyes you're the focal point of information. Not just, “we're temporarily experiencing a disruption in service,” but “here's what's happening and when we expect the situation to be solved.”

Say you're a financial institution. A storm in the Northeast took out a data center for eight days that effected more than 100 institutions. Imagine facing customers who need cash but you have no clue of their account balance and are really not sure when the situation will be resolved. This is where your recovery plan is critical. What are you going to do as each hour of any disaster ticks by?

Vendor management is all about your management of processes that are within your control. You can’t be expected to fill sandbags, but you are expected to provide service to your customers. Hint: Keep your own updated customers list including contact information.

Preparing for Natural Disasters 

An interesting statistic is that for the period from 1980 to 2010, there were 640 recorded natural disasters in the U.S. Eighty-two percent (82%) were storm or flood related. The reason I point this out is that since these events are weather-related, most were predicted. I realize that some (especially tornadoes) occur without much warning; however, they are typically seasonally forecast.

Furthermore, they follow traditional geographical patterns. So as a vendor manager in a routinely adverse weather-related area, there's some regularity to your attentiveness to disaster preparedness and especially YOUR recovery process. The goal: be sure all the publicity is on the disaster and the recovery goes so smoothly that it never gets reported.

Navigating Vendor Management Infographic

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo