Recently, Venminder released our annual State of Third-Party Risk Management survey. It included respondents from a wide variety of organizations across multiple industries.
The responses gave us invaluable insight into how many are doing third-party risk management and also where many could improve. After analyzing this year’s findings, we’ve compiled some third-party risk management best practices that you should be aware of in 2020:
10 Third-Party Risk Management Best Practices from Industry Survey
Here are the 10 best practices to utilize for your own third-party risk management programs:
- A well-documented policy, program and procedures is a must
- Address each pillar of third-party risk management in a rigorous set of practices
- Ensure you have adequate credentialed staffing at your organization to assist with third-party risk
- Work diligently to gain support from the board and senior management team
- Incorporate third-party risk management in annual policy updates and internal audits
- Invest in education, staffing and third-party risk tools
- Stay abreast of regulatory guidance, legal analysis and enforcement actions
- At least annually, and more if needed, update all documents and practices
- Perform ongoing monitoring well and follow up on deficiencies
- Watch customer complaints closely, as it’s a regulatory focal point for enforcement actions
Want to learn more about why these are our key best practices to take away from the data? Check out the survey results here.