Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

About

Venminder is an industry recognized leader of third-party risk management solutions. 

Our Customers

900 organizations use Venminder today to proactively manage and mitigate vendor risks.

Get Engaged

We provide lots of ways for you to stay up-to-date on the latest best practices and trends.

Gartner 2020
Venminder received high scores in the Gartner Critical Capabilities for IT Vendor Risk Management Tools 2021 Report

READ REPORT

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resource-whitepaper-state-of-third-party-risk-management-2022
State of Third-Party Risk Management 2022

Venminder's sixth annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.

DOWNLOAD NOW

Vendor Document Management Disasters and How to Handle Them

5 min read
Featured Image

I’ve been to a rather significant number of conferences over the course of my career. I’ve found that each session will usually give you at least one pearl of wisdom. However, the gold nuggets we seek are in the interpersonal interactions found during lunch breaks and in the cantina at happy hour.

Earlier this year, I found myself seated at a lunch roundtable with ten risk management professionals.  Someone told a story about a contract auto-renewing for two years that cost his organization several hundred thousand dollars. Then the one-ups-man-ship kicked in, and around the table everyone relayed their story of contract auto-renewal woe.

Later that day, I brought the subject up in the cantina and virtually every one of the 20 or so conference attendees in my little corner of the room told some shocking stories of losses due to missing auto-renewal dates. The first person to offer a story was a woman who had used a $3 million contract auto-renewal to drive home the need for a document management system. I stopped tracking the total losses in hard dollars for the story tellers after thirty minutes and well over $20 million in total losses. Who knew? The number one document management disaster around the world is the missed auto-renewal deadline!  We have all missed a contract renewal date at some point in our careers. So, why don’t we see this coming? Who’s responsible for these failures?

Well, vendor management can help with this! Organizations all go through the same maturation process for vendor management which kind of mirrors the five stages of grief. You know, something like this:

  1. First, denial that there’s any possibility of something as simple and easy as vendor management costing us any hard dollars.
  2. Next, anger as the CEO is furious over the fact that the lack of  vendor management cost  us a boatload of hard dollars.
  3. Third, bargaining with the vendor to try and get out of the contract renewal…it does work about 2% of the time.
  4. Fourth, depression since you must now update your resume.
  5. And finally, acceptance that the lack of an organized methodology for vendor management just cost someone a promotion and your company a boatload of dollars.

You must be a highly organized individual to keep all the plates spinning when it comes to vendor management. Unfortunately, the cheap-o reap-o methodology of using spreadsheets and a shared drive for files just doesn’t cut it.

 Let’s look at some more examples.

Vendor Document Management Disaster Examples from the Front Lines of Defense

Vendor Rom-Com – Missed Auto-Renewal Notice Periods

A vendor in the financial services space likes to have three-year agreements. They have an unusually long notice period - 180 days - supposedly due to the complexity of making a change in the platform. If you ignore or miss this auto-renewal notice period, your firm may have a new three-year agreement with a vendor they want to replace. This will be a mid-six figure mistake. A very costly mistake if you were planning to exit the relationship. You’ll be stuck in the contract even though your business unit may have just signed an agreement with the replacement platform. Ouch!

Business Unit Bungle – Placing All Responsibility on the First Line

Leaving contracts with the lines of business never works out well either. Eventually, someone retires, seeks a new position or is asked to seek excellence elsewhere. When that happens, tribal knowledge is lost. You see where this is going, right? No due diligence. Assuming all things are equal, and they never are, it’s easy in this scenario to go over a year without reviewing or receiving updated documents and this can be detrimental to your organization. You’re setting yourself up for risky situations when you’re not frequently evaluating critical vendors.

Multiple Product Parade – Only Performing Due Diligence at the Vendor Level

If you have multiple products with one vendor but don’t identify that and only collect documents for one product, you’re going to miss pertinent information. What if the vendor uses multiple data centers and the documents that you’re collecting are for a data center that doesn’t service the product suite your organization has? Who’s responsible for that one? You should receive different documents for the different products and services. Otherwise, it will do more than just look bad when your auditors/examiners come calling. You may walk into a data breach.

Shared File Nightmares – Lack of a Centralized Repository

If you don’t have a centralized location for your documents, you can do a lot of hunting for documentation. While this is a concern for examiners, it can result in a nightmare that would rock even Elm Street. You’ve taken the time to get all of the contracts loaded onto a shared file system and have spent months organizing and sorting. Everything looks great. Then someone asks you for documentation. Luckily, you know the exact location but when you navigate your way to the folder where the document should be…it’s empty. Who moved the contract? File systems will fail you at some point. Hoping everyone plays nicely in the file structure isn’t a plan.

No Time for Failure – Poor Time Management Causes a Ripple Effect

If you have poor time management it can lead to all the above. Missed contract dates, forgetting your ongoing monitoring, document deletion and so many, many more horror stories. The bottom line is simple. You don’t have the time and energy to do even an alright job of vendor management without an appropriate platform. Time will cause a vendor management failure faster than your ice cream cone is going to melt on the fourth of July. The failure is inevitable. The scope of the loss, well that is to be determined.

6 Ways to Handle or Prevent Vendor Document Management Disasters

Now that we’ve covered plenty of stories and examples of document management disasters, let’s cover how to handle them when they happen.

  1. Get an appropriate vendor management platform.
  2. Make friends with your business continuity team.
  3. It may seem obvious but stay organized!
  4. Use your vendor management platform for tracking due diligence and contract expiration dates.
  5. Have one central repository for all documents; even the due diligence. Hey, even throw the operating manual into the document repository as well. At least you’ll be able to find it when it’s needed. Remember, personnel will change over time.
  6. Ensure you’re requesting and performing due diligence on every product/service you use – not just the vendor!

Those of us who have worked in vendor management for any significant amount of time have all been there, done that and now own the t-shirt with the “I Missed the Auto-Renewal Notice” logo. It’s never fun. We all start out thinking all we need is a spreadsheet and then as we move through the five stages, we learn a hard truth. You must have a platform or you’re going to cost your organization hard dollars at some point. So, eventually, we all went out and purchased a vendor management platform.

I’m offering you knowledge…knowledge that was won in the crucible of battling against the odds and eventually staring potential failure in the eye and searching for the contact information of that saleswoman who called last week...

Stop the madness! Fix and prevent document disasters now. You won’t regret it.

Collect vendor due diligence documents more efficiently with these 10 steps. Download the infographic. 

10-tips-to-collecting-vendor-due-diligence-documents

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo