(270) 506-5140 CONTACT US
Best Practices

How to Scale Your Vendor Risk Management Program

Nov 28, 2018 by Branan Cooper

Ready to grow or expand your vendor risk management function? Do you know what to think about when scaling your program? There are a number of factors to consider. Let’s go through them.

4 Factors to Consider When Growing or Expanding Your Vendor Risk Management

Here are four factors to consider:

  1. Do you have adequate resources to handle the current workload? Are things getting done on time and with the right degree of accuracy of information?

  1. Do you have the right expertise on your team? Are there areas where you are routinely having to seek additional expertise? Better yet, do you have people with the right credentials?

  1. Are you engaging in a new line of business? Are there industry experts you need to engage to better understand it?

  1. Is your general risk profile changing? Are you perhaps engaging new third parties who will have access to customer data or who have suffered a prior data breach?

Figure Out Vendor Risk Management Resources

Once you've considered those formative questions, consider where you need resources the most. You can hire experts with proper credentials in each particular discipline or with highly sought-after skill sets, but in many cases, those come at a significant expense.

Many organizations seek to hire outside consultants or outsource to industry experts rather than hire on staff when they may not need their expertise always, just in certain circumstances. There is also great value in the objectivity and independence of outside resources who have the benefit of experience of helping many organizations.

When you do make the final decision as to whether to hire new people on the team or engage outside expertise, it’s a best practice to ensure you have the support of senior management and keep them regularly apprised of the adequacy of resources allocated to the vendor risk management function.

There's an old saying that you can't just throw bodies at a problem to create a solution. Clearly in some cases, you do need to hire just to keep up with volume but with informed decision making, you can often find creative solutions that bolster the organization while also avoiding an overburdened expense.

We're here to help you with specific areas of expertise in due diligence, document review and more.

Get a better understanding of the third party risk management in 2019. Download the whitepaper now.


Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog