Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit


Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

Download Samples

About

Venminder is an industry recognized leader of third-party risk management solutions. 

Our Customers

Over 800 organizations use Venminder today to proactively manage and mitigate vendor risks.

Get Engaged

We provide lots of ways for you to stay up-to-date on the latest best practices and trends.

Gartner 2020
Venminder received high scores in the Gartner Critical Capabilities for IT Vendor Risk Management Tools 2020 Report

Read Report

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Friday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

Join the thousands of risk and compliance professionals who subscribe to Venminder

How You Should Treat Fourth Party Vendors

2 min read
Featured Image

Dealing with third parties is a lot to have on your plate, however examiners think you can still handle more. They will ask you about your fourth parties too!

You may be wondering, what in the world is a fourth party vendor and why should you pay close attention? Here are some answers and examples to help you better understand fourth parties.

What Is a Fourth Party Vendor?

fourth party vendor is generally your third party's third party vendor. Your organization doesn’t have a direct contractual relationship with the fourth party, but your third party does.

It’s an emerging area of significant focus, particularly if that fourth party has a critical role in the delivery of your organization’s products or services to your customer.

Examples of a Fourth Party Vendor

Perhaps the easiest example is a fourth party call center. You have an issuing agreement for a prepaid card program, and they use an outsourced call center. You can certainly understand why you need to include them in your scope of review, due diligence, risk assessment and monitoring – they’re speaking to your customers and have access to your customers’ information! 

Another example is a cloud-based SaaS provider. In this case, often times they’re using a vendor to house data on their servers (another facility). Their third party data storage provider is your fourth party.

What Do You Do with Fourth Party Vendors?

There are certainly challenges in trying to manage fourth party vendors. Since you don’t have a direct contractual relationship, it’s often hard to get access to the due diligence documents you need. It’s even harder if you find something you believe needs to be changed or improved.

Fortunately, you don’t need to worry about all of your third parties’ third parties, but you should know about ones that are critical to their business or have access to your customer data. To receive appropriate information about those fourth parties, you’ll most likely need to work through your third party. Hopefully they've got robust due diligence practices and strong contractual ties.

Steps to Managing Fourth Party Vendors

So, to manage your fourth parties, you should:

  1. Routinely ask your third party for a list of their critical vendors
  2. Request that your third party keep you apprised of any changes or concerns with those critical vendors - your fourth party vendors
  3. If you’d like, you could require your advance approval of changes related to the most critical fourth parties, the ones that "touch" your customer or your customer's data
  4. Review your third party's policies around due diligence and oversight of their outsourced services

Overall, the key to vendor management really goes back to the idea of building a strong working relationship in which both organizations know what is expected of one another and a willingness to deliver

Now after learning more about fourth parties, hopefully your plate looks more manageable again. 

Dive deeper into learning if your fourth parties require your attention. Download the infographic.

DOWNLOAD NOW

Sign Up For Our Newsletter

Get expert insights straight to you inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo