Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resources-whitepaper-state-of-third-party-risk-management-2023
State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.

DOWNLOAD NOW

How to Raise the Vendor Management Bar

3 min read
Featured Image

Vendor management maturity levels vary across the company spectrum. As part of our many in-depth consultations with clients and prospects alike, we find that the staffing, expertise and even the expectations of what vendor management means to an organization varies by several degrees.

Let's go through common reasons for neglecting vendor management, frequent questions and attitudes and how to raise the vendor management bar.

Common Reasons for Neglecting Vendor Management

People hesitate to do proper vendor management because of aspects such as these:

  • Vendor oversight adds another layer of responsibility to an organization.
  • Vendor management adds more items to the TO DO list.
  • Vendor management increases the cost of doing business – reduces margins.
  • Vendor management could be viewed as an intangible to executive leadership and the board.
  • Leadership may know they must do vendor management, but only do enough just to get by.

If this sounds familiar to your organization, there’s still hope for you as a vendor management professional and that of your board. And, if you’ve already gotten past these hesitations, then you’re through a rough spot.

Frequent Questions and Attitudes From Lenders

Let’s now go through some common questions and attitudes I’ve seen in the industry and my thoughts towards them.

  • Why is oversight so important? The common-sense answer is because depending on what type of company you are, there is likely a regulation which requires oversight of your third parties.
  • Can’t we check the box? Of course, you can, if you want to play chance with your regulators.
  • The vendor seems like a nice group of people. I’m sure they are too, but nice doesn’t take home a compliance award. Strong systems, policies and procedures and evident controls prove how well a vendor can support you and your client.
  • Isn’t de-regulation going to help me get away with less oversight? De-regulation at some level may be a reality, however regardless of de-regulation, the cyber threats, hacking, access to systems and NPPI exposure are real risks which are on the rise regardless of the level of regulation the industry may or may not experience in the future.

This should help solidify the importance of vendor management and vendor oversight. Now, let’s go through best practices.

9 Things to Do to Raise the Vendor Management Bar

Here are 9 things you can do today to mature your vendor management program without missing a step.

  1. Meet with all your critical and high risk vendors. Ask them to train you on the actual process of ordering their product or service. This is also a fantastic way to compare how each system operates and provide insight into pros and cons of each service that isn’t readily identifiable just from a contract or annual oversight practice.
  2. Meet with the lines of business who use each product. Your internal customers offer an enormous amount of insight into the product and service.
  3. Know your craft. Bootcamps, online articles (you’re reading this one for a reason) and vendor management courses are great ways to stay educated. Information today is just a click away. Gain internal endorsement that vendor management training is equally important as compliance or guideline knowledge.
  4. Meet your peers. Compare notes (just don’t share any Intellectual Property or trade secrets). Vendor management professionals are some of the most skilled professionals I know since they have a good mix of operations, technical, risk and compliance expertise.
  5. Know the regulators which impact your organization. This could be FFIEC, OCC, NCUA, CFPB, SEC…and even state regulators may have hot buttons that they like to review.
  6. Know the regulations which impact you and your vendors. This may include GLBA, Red flags, UDAAP, FCRA, ECOA, UETA, TCPA, AIR, HMDA and TRID.
  7. Subscribe to vendor management blogs to stay updated. For example, you can subscribe to Venminder’s blog here: https://www.venminder.com/blog
  8. Subscribe to enforcement action information pertaining to your industry or vendor category. This helps you learn from other peoples’ mistakes.
  9. Subscribe to complaint databases or negative news. This is a resource to help stay on top of your vendors.

Vendor management is a fantastic discipline and requires an in-depth level of understanding of many different components and a lot of work. Taking the above information will help lay foundation and avoid common pitfalls.

See how your peers are keeping up with third party risk management, download our whitepaper.

vendor management white paper

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo