A topic we hear a lot at industry conferences and webinars is the maturity of your vendor management program. What exactly does this mean? Let's go through that now...
What a Mature Vendor Management Program Looks Like
As someone who has seen everything from the most basic (or non-existent) program to programs running like a well-oiled machine, here are some hallmarks of a well-managed, mature program:
- The program is well-documented with robust guidelines that conform to regulatory guidance and is up to date and approved by the board on an annual basis
- The front line managers know what their role is in vendor management responsibilities
- The senior leadership is well versed in the performance of the vendor management program
- The team is adequately staffed and highly qualified to do the job
- The head of vendor management has reporting responsibilities to the institution’s risk committee and the board
- The pillars of third party risk management are evident in daily activity
- There is a governance process for selecting and completing risk assessment work prior to signing a contract
- Vendor management is not an after-thought
If you find these elements in play in an institution, you know you’re looking at a well-managed and mature vendor management program – one that helps to protect the institution, its leadership and its customers.
And, we've actually surveyed financial institutions and found out where they stand with having a mature program. Download our State of Vendor Management 2017 for more.