Earlier this year, Venminder released our annual State of Third-Party Risk Management whitepaper, based on a survey distributed at the end of 2019. It covered respondent data and analysis from a wide variety of organizations across multiple industries. The additional perspectives allowed us to learn a great deal of valuable third-party risk information from a very wide spectrum.
4 Quick Survey Highlights
Here are four main highlights from the survey:
- Third-Party Risk Management Budget: Besides full-time employees, 38% of organizations dedicate less than $10,000 to vendor management. The continued limited spend is a concern. It’s barely enough to do one vendor onsite visit. Our hope is that in the next year organizations will begin to allocate more to their third-party risk management budget.
- Vendor Management ROI: 74% of respondents feel there is a return on investment (ROI) from efficient vendor management. This is great as vendor management done well can prevent unwanted automatic contract renewals and much more, which brings an immediate ROI.
- Third-Party Risk Management Employees: 72% of respondents have 5 or fewer employees dedicated to vendor management. Luckily, this number is declining year-over-year. Last year, 77% respondents had less than 5 dedicated employees.
- Third-Party Risk Management Hierarchy: Third-party risk is starting to report to the board and senior management instead of the lines of business. While you do want to give the business units a voice in third-party risk, a decentralized program is not recommended. It creates many inconsistencies and inefficiencies. Therefore, we’re glad to see this migration.
Overall, it seems like most respondents are doing things correctly. However, like with most things, there is certainly room for improvement.
Want to learn more about how others are managing third parties? Check out the survey results here.