Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


Solve Shadow Procurement Issues in Higher Education With Vendor Risk Management

4 min read
Featured Image

While shadow procurement may sound like the title of a thrilling espionage blockbuster, it's actually a real issue that plagues higher education. Shadow procurement involves buying goods or services outside of the established procurement process.

This happens when departments or faculty members purchase products or services directly from vendors. With so many departments and budgets to keep track of, it's like a game of Whac-a-Mole trying to monitor all those purchases. Unlike the arcade game, there’s no winning in shadow procurement.

The Risks of Shadow Procurement in Higher Education

When products or services are purchased without doing any proper vendor due diligence, it brings a lot of added risk to higher education institutions, including:

  • Lack of transparency: It may be difficult for an institution to ensure compliance with its policies and regulations when purchases are made without the benefit of established procurement processes and procedures.
  • Legal and financial risk: Shadow procurement can expose your institution to fraud, corruption, or other types of misconduct by vendors. That can lead to regulatory fines and lawsuits. Without a process in place to monitor the vendors, it can also lead to incidents like ransomware attacks.
  • Inefficiency: Shadow procurement can lead to inefficiencies and duplications in the procurement process, resulting in increased costs, missed savings opportunities, and poor vendor performance.
  • Loss of competitive advantage: By purchasing goods or services without going through established procurement processes, the institution may miss opportunities to negotiate better prices, leverage its purchasing power, and establish long-term relationships with vendors.
  • Reputation damage: An institution's reputation may be damaged if a vendor is perceived as incompatible with the institution's values and mission. And stakeholders, including students, faculty, staff, donors, and the community, can lose trust in the institution's leadership.

How Vendor Risk Management Addresses Shadow Procurement

To combat shadow procurement in higher education, implementing a vendor risk management (VRM) program is a smart move. Vendor risk management is a systematic approach to managing the risks associated with third-party vendors and contractors.  

With a vendor risk management program, universities and colleges can address potential risks associated with shadow procurement and take steps to mitigate them.

Here are three ways a vendor risk management program helps higher education address shadow procurement:

  1. Standardizes procurement processes: With a standard approach in VRM, all purchases are properly approved and overseen. Standard procurement processes minimize the risk of shadow procurement and ensure that vendor relationships follow a consistent and transparent process. It guides you through each step of a vendor engagement. That includes onboarding the vendor with contract negotiations and risk assessments, monitoring the vendor’s performance and risk during the relationship, and following a predetermined exit strategy if you need to offboard the vendor.
  2. Better vendor due diligence processes: Effective VRM programs typically involve a thorough process of vetting vendors, suppliers, and contractors. Due diligence can help universities and colleges identify potential risks associated with shadow procurement, such as vendors with a history of fraud, inadequate credentials, or a poor reputation. With proper due diligence, your institution can also know what risks need to be mitigated with each vendor. 
  3. Managing contracts: A VRM program should be implemented to ensure proper negotiation and management of vendor contracts instead of leaving it up to departments or faculty to individually choose vendors. It ensures all terms and conditions are defined and enforced. With contract management, you can also avoid any surprise renewals or price increases. Institutions can efficiently reduce duplicate services across departments by consolidating contracts in one centralized location.

solve shadow procurement higher education vendor risk management

The Need for a Vendor Risk Management Procurement Policy

It’s important to ensure that your institution's purchasing policy specifically addresses shadow procurement and includes the following elements:

  1. A clear definition of shadow purchasing: The policy should clearly define what constitutes shadow purchasing and include specific examples. This definition should be communicated to all employees and third-party vendors to ensure they understand what is considered unauthorized procurement.
  2. Procurement procedures: The procedures should follow the standard VRM procurement processes and guidelines for selecting vendors and negotiating contracts. The policy should also require employees to use only approved vendors and prohibit purchasing outside the established procurement process.
  3. Penalties for violations: There should be penalties for employees who engage in shadow purchasing and vendors who facilitate or encourage it. These penalties should be communicated to all parties, including disciplinary action and contract termination, where appropriate.
  4. Training and awareness: The policy should include training and awareness programs for employees and third-party vendors to raise awareness of the risks associated with shadow purchasing. It should also educate them on the proper procurement procedures to follow. This training should be conducted regularly and tailored to the institution’s specific risks and challenges.

Shadow procurement poses significant risks for universities and colleges. This can be addressed through your institution’s policies, which should adhere to vendor risk management best practices. By implementing a robust vendor risk management process, you’ll be able to address shadow procurement risks through standardized procurement processes, due diligence, and contract management.

By using this approach, institutions can effectively manage their vendors throughout the entire relationship. As a result, universities and colleges can minimize the risks of shadow procurement and ensure that all purchases are made with appropriate oversight and approval. 

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo