Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit


Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

About

Venminder is an industry recognized leader of third-party risk management solutions. 

Our Customers

Over 800 organizations use Venminder today to proactively manage and mitigate vendor risks.

Get Engaged

We provide lots of ways for you to stay up-to-date on the latest best practices and trends.

Gartner 2020
Venminder received high scores in the Gartner Critical Capabilities for IT Vendor Risk Management Tools 2020 Report

READ REPORT

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

Join the thousands of risk and compliance professionals who subscribe to Venminder

Resource Library

Free Educational Resources for Third-Party Risk Professionals. 

Browse and search through our hundreds of free resources created by our in-house experts based on industry guidance and best practices to help you build and improve your third-party risk management program. It's important now more than ever to protect your organization and customers against the many rising risks.

Podcast

5 Vendor Risk Management Tasks to Do Before the End of the Year

This podcast covers a few of the items that you should tackle before the end of the year to be better prepared for 2021.

vendor management

Videos

4 Reasons Monitoring Vendor Financial Health Is Important

This video breaks down the basics of what vendor financial health is and why you should be including this step in your organization’s due diligence process.

oversight monitoring, ongoing monitoring

Checklists

Third-Party Risk Management Checklist

Whether you're just getting started or simply are looking to refresh your program, use this comprehensive checklist to guide you to successful vendor management.

eBooks

Vendor Vetting: 19 Things You Should Be Doing

As part of your vendor due diligence process and regardless of risk level, there are 19 items your organization should be committing to file for every third-party involved with your business.

initial vendor vetting, due diligence, onboarding

Infographics

Understanding a Vendor Risk Appetite Statement

In order to properly manage your vendors' associated risk, you need to thoroughly understand your organization’s vendor risk appetite statement. Use this infographic to help.

third-party risk management

Podcast

4 Tips for Gathering Useful Vendor Management Resources

Listen to this podcast to help you figure out the best way to gather vendor management resources.

vendor management

eBooks

Reviewing and Understanding a Vendor’s SOC Report

View this interactive guide for how to review your vendor’s SOC reports by walking you through each section and the important areas to pay attention to.

cybersecurity

Videos

Managing Third-Party Cybersecurity Risk

Proper cybersecurity has never been more important than it is today. Use the six best practices covered in this video to help ensure your vendor can prevent, detect and respond to a cybersecurity issue.

data breach, information security

Infographics

The Scary Statistics Behind Third-Party Cyber Breaches

If you don’t have an adequate plan to properly manage your vendor’s risk, then your organization could be another scary statistic. Learn how to stay safe.

data breach, information security

Podcast

Raking in Vendor Risk Management ROI

Listen to this week’s podcast for the top three benefits and ROI you can achieve by investing in third-party risk management.

vendor management

Podcast

5 Vendor Data Breach Precautions

You can take proactive steps that will help you better protect your customers and reputation from a third-party data breach. Listen to this 90-second podcast for our top five tips.

data breach, cybersecurity, information security

Infographics

The Changing Vendor Management Expectations for Fintechs

To help fintechs win points with your clients, use this infographic that covers what you need to know about the changing vendor management expectations.

third-party risk management

Podcast

Scary Consequences of an Incomplete Vendor SOC Assessment

Find out what the three scariest consequences are that can occur if you have a missing item on your vendor SOC report by listening to this week’s podcast.

cybersecurity

Infographics

How to Effectively Manage International Vendors

Your contract and due diligence processes requires a unique focus when working with an international vendor. Use this infographic to help.

due diligence, contract management, overseas

Checklists

Vendor Cybersecurity Checklist

To help ensure you gather the information you need, use this handy checklist that covers what you need to review when analyzing your vendor’s cybersecurity.

data breach, information security

Podcast

3 Vendor Information Security Best Practices

Learn about the importance of strong vendor information security and three best practices our experts recommend in this podcast.

data breach, cybersecurity

eBooks

2020 Edition: The Vendor SOC Dictionary

To help guide you and your team in understanding some of the most common terms found in a SOC report.

cybersecurity, information security, data breach

Podcast

4 Fintech Vendor Management Tips to Meet Regulator and Client Expectations

In this podcast, learn the top four tips that will help fintech organizations more successfully meet their client and regulator expectations.

Infographics

8 Third-Party Cybersecurity Risk Protection Layers

While technology sophistication is growing, so are the capabilities of hackers. Use this infographic to learn how to build a solid defense against cybersecurity risks.

data breach, information security

Infographics

9 Techniques for Vendor Contract Compliance

Incorporate sound contract compliance techniques to lessen exposure to vendor risk and improve contract management practices. Use these techniques to help you with the process.

contract negotiation, contracts

Infographics

How Many People Should You Dedicate to Third-Party Risk Management?

We’ve put together this infographic to help you determine the amount of staff you need to dedicate.

vendor management, staffing

Podcast

How to Maximize Your Third-Party Risk Management Budget

You can take specific steps that will help you maximize even the smallest budget for vendor management. Listen to this week’s podcast for the top three tips we recommend to help you make the most of your organization’s budget.

Infographics

A Quick Guide: How to Manage Fourth-Party Risk

Use this quick, but comprehensive, guide to help mitigate fourth-party risk.

Podcast

Vendor Oversight Strength Depends on the Contract

If you have well-developed vendor contracts, then you're setting your organization up for success when it comes to vendor oversight. Find out the top three reasons why your vendor contracts directly affect your level of oversight.

due diligence, contract management, ongoing monitoring

Whitepapers

Gartner's Critical Capabilities for IT Vendor Risk Management Tools Report

Venminder received highest scores in 2 of 3 use cases in Gartner's Critical Capabilities for IT Vendor Risk Management Tools report.

eBooks

How to Master Vendor Contract Management

Contract management is a key component in managing risk and vendor relationships. Our eBook is your tool to master vendor contract management.

contracts, third-party risk management

Interviews

Interview with Chris Caputo

Chris Caputo, External Audit Coordinator at CMG Financial, shares his thoughts on commonly seen vendor management struggles and how to overcome them.

third-party risk management, due diligence

eBooks

Guide for Collecting Vendor Due Diligence

This in-depth guide will walk you through the process of collecting due diligence and solutions for related common hurdles.

ongoing monitoring, oversight monitoring

Podcasts

Top 10 Vendor Contract Negotiation Tips

To help you better manage this stage in the vendor contract process, listen to this week’s 90-second podcast for the top tips our experts recommend.

contract management, contracts

Infographics

How to Report Vendor Risk Management Activity to the Board

This complimentary toolkit includes reporting package templates and provides you with guidance on how to format vendor board reports.

third-party risk reports

Podcasts

5 Next Steps After You Receive a Vendor Contract

Once you receive a vendor contract, there are specific steps that you should take for a more successful process. This 90-second podcast covers the 5 most important steps our experts recommend you're following.

contract management, contract negotiation

Infographics

8 Vendor Service Level Agreement Best Practices

To make sure both your organization and your vendors are on the same page, follow the best practices covered in this infographic.

contract management, contract negotiation, contracts

Podcasts

7 Must-Haves for Vendor Management Examiners Right Now

Whether your exam is conducted in-person or remotely, this 90-second podcast covers the 7 most important items you should always have prepared.

examinations

eBooks

How to Do Vendor Due Diligence Reviews: The Complete Breakdown

Due diligence is a fundamental component of any third-party risk program. We will break down how to do vendor due diligence reviews on 6 of the most common reports we do.

ongoing monitoring, oversight

Interviews

Interview with Jenn Wilkinson

Jenn Wilkinson, Vice President of Strategic Vendor Management at Cenlar FSB, shares her thoughts on the process of building an expert vendor management program from the ground up.

third-party risk management program, due diligence, initial vendor vetting

eBooks

Creating and Updating Your Third-Party Risk Management Procedures Documentation

This comprehensive eBook breaks down how to create your third-party risk management procedures documentation.

vendor risk management program

Podcasts

The Hazards of Incomplete Vendor Due Diligence

By not being aware of the hazards of incomplete vendor due diligence, you could be putting your organization at risk. Listen to this 90-second podcast for the most important hazards to know.

ongoing monitoring, oversight management

Infographics

How to Manage Issues with Vendors

This infographic will walk you through key best practices and a process that will help you mitigate some of the risks of dealing with issues with your vendors.

issue management

Podcasts

3 Questions to Include in Vendor Information Security Assessment Questionnaires

Listen to this week’s podcast to find out three important questions we recommend you include in your questionnaire.

cybersecurity

Podcasts

What Is Vendor Business Continuity Management?

Understand the basics of business continuity management with this 90-second podcast that breaks down what you need to know about the process.

BCP

Infographics

How to Rate Your Vendor's Risk

When it comes to vendor risk assessments, the process can seem overwhelming. This infographic helps you determine your vendor's risk rating.

Podcasts

5 Requests to Always Negotiate into a Vendor Contract

There are important requests you need to include in all of your vendor contract negotiations. These 5 will help set your organization up for success. Find out what they are by listening to this podcast.

Infographics

COVID-19 Shines a Light on the Importance of Third-Party Risk Management

Looking for ways to improve your program in light of the recent pandemic? This infographic breaks down what you need to know.

Podcasts

The 7 Phases in the Third-Party Risk Management Lifecycle

In this informative podcast, you’re going to learn the seven phases of the third-party risk management lifecycle. Our expert will provide you with an overview of each one.

Infographics

Are You Ready for the COVID-19 Vendor Risk Management Tsunami?

With COVID-19 impacting many vendors' businesses, use this infographic to help you prepare for the aftermath.

Podcasts

Handling Problem Vendors

Listen this roundtable discussion to hear from three third-party risk management experts as they share their thoughts on handling problem vendors who won't play nice in the sandbox.

ongoing monitoring, oversight, due diligence

Infographics

What to Do After a Vendor Management Exam

Do you know what steps to take after the vendor management exam concludes? This infographic breaks down the main areas that you should focus on.

examinations

Podcasts

5 Signs It's Time to Augment Third-Party Risk Staff

Organizations may not have the internal capabilities to properly manage every step of the process. Listen to this podcast to learn how to determine if your organization could benefit from outsourcing vendor management support.

staffing, outsourcing

Infographics

The Stages of the Third-Party Risk Management Lifecycle

This infographic walks you through what you need to know about the distinct stages in every vendor's lifecycle.

Podcasts

7 Steps to Take When You Have a Vulnerable Vendor

You should be proactively taking steps to mitigate risks posed by potentially vulnerable vendors. This podcast covers seven steps you can take to ensure your organization is safe against vulnerable vendors.

ongoing monitoring, oversight, due diligence, oversight management

Infographics

How to Manage Issues with Vendors

This infographic will walk you through key best practices and a process that will help you mitigate some of the risks of dealing with issues with your vendors.

ongoing monitoring, oversight, due diligence, oversight management

Infographics

7 Speedy Vendor Oversight Tips to Know

You must maintain proper vendor oversight, especially in today's changing environment. Download this infographic that breaks down how to handle the process efficiently.

ongoing monitoring, oversight, due diligence

Podcasts

Understanding Vendor Cybersecurity Posture with the CIA Triad

There are three key components of information security that you should monitor when analyzing your vendor’s information security strength. Listen to this podcast to understand the CIA Triad.

cybersecurity, information security

eBooks

Top Third-Party Risk Management Terms to Know

Developed by industry experts, you can reference this third-party management glossary for key words in the vendor management process.

Podcasts

10 Quick Signs Your Vendor's Financial Performance Is Declining

Protect your organization by looking out for the 10 signs covered in this 90-second podcast that will indicate your vendor's financial performance is declining.

financials

Checklists

Due Diligence for Low, Moderate and High-Risk Vendors

Use this checklist on specific common due diligence items you need to gather for based on if your vendor is classified as low, moderate or high risk.

Podcasts

5 Vendor Pandemic Planning Takeaways Learned from COVID-19

To be better prepared for future pandemic related situations, use these 5 takeaways learned from COVID-19 to improve your third-party risk management procedures.

vendor management procedures, business continuity, disaster recovery

Infographics

11 Things to Do Before You Jump Into Vendor Risk Management

Use the 11 tips in this infographic to help you prepare yourself for properly managing vendor risk.

third-party risk, third-party risk management

Podcasts

What to Know About the FDIC Fintech and Third Parties Guide

There are specific requirements fintech companies and third parties must comply with if they're going to partner with a bank. Listen to this week's podcast to learn what you need to know about the FDIC guide for fintechs and third parties.

Infographics

Vendor Financial Health Monitoring: Warning Signs to Watch Out For

Is your vendor’s financial performance declining? To protect your organization there are some warning signs to look out for. Be aware of what the consequences are and your steps for recourse.

oversight, ongoing monitoring

Samples

Free Financial Health Assessment

As part of vendor risk management, you need to know your third party's financial condition. Download a free analysis on your core vendor now.

Podcasts

3 Constant Requirements in the Vendor Lifecycle

There are 3 "behind the scenes" vendor lifecycle requirements that are constant and should be maintained throughout the entire vendor relationship. Listen to this week's 90-second podcast to learn more about what they are and why.

third-party risk management

Infographics

10 Vendor Risk Management Practices You Should Be Doing During the COVID-19 Pandemic

These COVID-19 vendor management best practices will help you with current challenges.

third-party risk best practices

Podcasts

5 Next Steps After the Vendor Management Exam Concludes

While preparing for a vendor management exam is a crucial step in the process, how you follow-up after the exam is equally as important. Listen to this podcast that will cover the 5 next steps you should be taking after a vendor management exam concludes.

examination, third-party exam, audit

Infographics

How to Review a Vendor's Pandemic Plan

This infographic will breakdown what you need to be looking for in your vendor's pandemic plan to keep your employees and customers safe.

business continuity, disaster recovery, pandemic planning, due diligence

Infographics

Top 4 Areas of Vendor Cybersecurity to Pay Attention To

This infographic breaks down four key areas to pay attention to regarding vendor cybersecurity that will help you prepare your organization.

Podcasts

4 Ways to Optimize Ongoing Vendor Oversight

By periodically conducting due diligence, you will be able to ensure your vendors are still meeting your organization’s needs. This 90-second podcast covers 4 tips that will help get you started.

Podcasts

Overview of the 7 Pillars of Vendor Management

Regulatory guidance sets out fundamental expectations. It’s important from the management and exam standpoint that these pillars are in place. Learn more in this podcast.

Infographics

Applying Multiple Layers of Collaboration Within Vendor Risk Assessments

Communication and collaboration are key in implementing a risk assessment process. Download this infographic for how to collaborate during the process.

Podcasts

4 Underlying Reasons Why Vendor Financial Reviews Are Critical

Does your organization understand your vendor’s financial viability and performance? Here are 4 reasons why your vendor’s financial performance is crucial for you to report on.

Infographics

Why Vendor Due Diligence Reviews Are Not a "Check-the-Box" Activity

Due diligence is an important step in vendor management, so cutting corners can be dangerous. Learn what could go wrong with a check-the-box approach.

eBooks

Unacceptable Vendor Due Diligence

Performing vendor due diligence is a regulatory requirement and sound business practice. This eBook helps you identify unacceptable vendor due diligence in 5 major reports.

Podcasts

4 Tips to Help Make Vendor Management a Priority

Vendor risk management is important to meet regulatory guidelines. Listen to this podcast for 4 tips to help you make third-party risk a key priority in your organization.

eBooks

How to Guide: Creating a Vendor Risk Questionnaire

This eBook will guide you through creating an effective vendor risk assessment questionnaire of your own for proper third-party risk management.

Podcasts

Who, What and Why of a Vendor Risk Appetite Statement?

Do you need help determining what your vendor risk appetite is? This podcast answers common questions you may have when it comes to determining your organization’s risk appetite.

Whitepapers

State of Third-Party Risk Management 2020

Venminder’s State of Third-Party Risk Management 2020 whitepaper provides insight into how a variety of different organizations across multiple industries manage third-party risk management.

Podcasts

6 Tips for a Strong Vendor Management Program

Your vendor management program should be specific and unique to your organization’s needs. Listen to the 6 best practices covered in this podcast for creating a third-party risk program.

Podcasts

Understanding Initial Vendor Due Diligence

This podcast breaks down what initial vendor due diligence is and why your organization should incorporate it into your vendor management program.

eBooks

Is Your Vendor Management Program Inadequate?

Do you know the signs of an inadequate vendor management program? Download this eBook to walk you through what you need to look out for.

Podcasts

The 6 Primary Categories of Vendor Risk

Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.

eBooks

30 Third-Party Risk Management Best Practices in 2020

It's critical to take into account recent best practices in order to be as prepared as possible for vendor management. This eBook has 30 best practices everyone should know.

Podcasts

4 Similar Yet Different Vendor Management Concepts

Each vendor management concept brings varying components to an organization’s overall structure. Listen to this podcast to dive deeper into each concept.

Infographics

14 Third-Party Risk Management Myths You Should Ditch in 2020

There are a few common misconceptions to be aware of and leave in 2020 in order to be more successful. Download this infographic to get started.

eBooks

20 Helpful Vendor Risk Management Resources for 2020

If you are prepping for 2020, check out this eBook with the 20 popular vendor risk management resources that your peers have found valuable.

Podcasts

5 Next Steps to Address Repeat Vendor SLA Failures

When your vendor fails to meet the SLA requirements outlined in your contract, it can have negative consequences. Listen to this podcast for next steps.

eBooks

Guidance on How to Master Third-Party Risk Management in 2020

Many components, processes and resources makeup a successful third-party management program. This comprehensive eBook helps you master third-party risk.

Podcasts

7 Steps to Take If It's Time for a New Vendor in 2020

If your vendor isn't meeting your organization’s needs, it may be time to start searching for a new vendor. Listen to this podcast for steps to help you with the process.

Checklists

Vendor Checklist: Determine If Your Vendor Is Naughty or Nice

When you are evaluating your vendors, you can use this handy checklist to help walk you through the process.

Podcasts

5 Best Practices of Successful Vendor Risk Assessments

One of the most crucial aspects of vendor management is performing a third-party risk assessment. Use these 5 practices to help get started.

Podcasts

4 Big Third-Party Risk Management Updates from 2019

Use the third-party risk lessons and guidance learned this year to help your organization be even more successful with vendor management in 2020.

Checklists

Your To-Do List for Vendor Contract Renewals

As a part of your ongoing monitoring, you need to stay on top of vendor contracts and renewal dates. Use this checklist to help.

Podcasts

4 Best Practices to Improve Your Vendor Due Diligence Strategy

Listen to this 90-second podcast to hear our four third-party risk expert tips to help you when improving your vendor due diligence strategy.

Checklists

Third-Party Risk Management Audit Checklist

Use this checklist of things to help you manage and be sure you’re prepared when you hear the auditors are coming for a visit.

Infographics

The Differences Between a High-Risk and Critical Vendor

Learn more about the specific differences between high-risk and critical vendors with this helpful infographic.

Podcasts

8 Best Practices for Creating or Updating Your Vendor Management Program Documentation

Whether you’re creating your program for the first time, or revising it, here are 8 best practices.

Infographics

Vendor Risk Management Cheat Sheet

What is vendor management and where to start, what you should know to mitigate risk, vendor lifecycle stages, who's responsible for what in a typical lifecycle and useful links and resources.

eBooks

Creating and Updating Your Vendor Risk Management Policy

There isn’t a one-size-fits-all solution to vendor management policies. Use the regulatory expectations and industry best practices to help.

eBooks

Horror Stories: Third Parties Behaving Badly

Here are examples of vendor management horror stories so you know what to avoid in order to better protect your organization.

eBooks

Third-Party Risk Management: 2020 SEC OCIE Priorities

How to be proactive in addressing cybersecurity concerns, anti-money laundering and vendor risk management expectations.

Podcasts

8 Benefits of Vendor Risk Management

There are many benefits of vendor risk management. Understand why vendor risk is important and how to use these steps in your organization by listening to this podcast.

Podcasts

5 Tips for Budget Planning in Third-Party Risk Management

Budget season is upon us! Prepare yourself and your organization by planning ahead now for third-party risk. Listen to this podcast for more information.

Infographics

Importance of Vendor Due Diligence and Oversight

To help you with the due diligence and vendor oversight stages of the third-party risk process, use this infographic to help walk you through what you need to know.

ongoing monitoring

Podcasts

Is Your Vendor's Cybersecurity Your Weak Link? Avoid the Horror

You can start to better understanding of what specific items you need to look for in your vendor’s cybersecurity plan with this 90-second podcast.

Infographics

Fintech Provider: Why Your Third Parties Have Become Important to Financial Institutions

Understand why the risk your third parties pose to you is important to your financial institution clients. Download the infographic.

Infographics

Third-Party Risk Management Practices for Fintech Companies

What fintech companies need to know about third-party risk management, regulations and 4 tips to meet regulator and client expectations.

Podcasts

6 Best Practices for Managing Third-Party Cybersecurity Risk

Take steps to protect your organization from vendor cybersecurity risk. Listen to this podcast for 6 steps to manage third-party cybersecurity risk.

Podcasts

11 Items to Look for in Your Critical Vendor’s Business Continuity Plan

There will be business events that occur with your vendor that can impact your organization. Listen to this 90-second podcast to learn 11 items to look for in business continuity plans.

Infographics

6 Ways for Ongoing Monitoring of Your Vendors

You need to focus on oversight and ongoing monitoring of your vendors before and after you sign the contract using the 6 ways to improve your process.

Infographics

Vendor Contract Negotiations: What to Negotiate for Third-Party Risk Management

This useful infographic that will walk you through what to negotiate into a contract for third-party management.

Podcasts

10 Ways to Improve Your Third-Party Risk Management Program

Proper vendor management requires you to periodically go update and improve elements of your program. Listen to this 90-second podcast to hear specific steps to take to improve your third-party risk program.

vendor management program, vendor risk management program

Podcasts

7 Steps to Take After Receiving a Vendor SOC Report

There are steps you can take to make the process more efficient when reviewing a SOC report. Listen to this week’s podcast to find out 7 steps to take.

eBooks

Are You Reviewing Your Vendor's BCP and Disaster Recovery?

It's critical to verify if your vendor is implementing strong business continuity and disaster recovery planning. This eBook will break it down for you.

Podcasts

5 Ways to Prevent Problems in Third-Party Risk

The constant shift can lead to occasional problems in third-party risk management. If you take the time to manage the process correctly and implement specific procedures, it could help you avoid costly errors down the line.

ongoing monitoring, oversight, due diligence, issue management

Infographics

Vendor Risk: Contract Negotiations Best Practices

In this infographic, dive into the negotiation component and ensure maximum value from your outsourced relationship.

Videos

9 Tips for Successful Vendor Contract Management

Improving how your organization manages the process will help you clearly define vendor expectations and responsibilities. Watch this 90-second video to get a fast overview and best practices for vendor contract management.

eBooks

Choosing the Right Third-Party Risk Operating Model

Because there's no one-size-fits all approach to vendor management, it's important you determine which model will help your organization reach its goals. This eBook will help.

Podcasts

9 Tips to Prepare for a Third-Party Risk Examination

For a smooth third-party risk examination, 3-4 months in advance of the examiners’ arrival you should prepare or fine-tune these 9 documentation items. We'll tell you what they are and some tips.

exams

Infographics

11 Techniques to Monitor Third-Party Compliance Risk

You need to monitor your vendor’s compliance with regulatory guidance, auditors, examiners and consumer expectations. Use this infographic to help.

compliance management, exams, audits

eBooks

12 Ways You Can Improve Your Third-Party Risk Management Program

It may be time to revisit your vendor management program. This eBook walks you through 12 ways you can start to improve your third-party risk management program.

Interviews

Interview with Jo Ann Barefoot

Jo Ann Barefoot, CEO at Barefoot Innovation group and Cofounder at Hummingbird Regtech, shares her thought provoking insight on how organizations are handling third-party risk management.

regtech

eBooks

6 Elements of a Successful Vendor Risk Management Program

Make your vendor risk management program is successful, here 7 are the seven critical items that you need to focus on.

Interviews

Interview with Michael Donnella

This interview features Michael Donnella, Corporate Compliance Officer of Murphy Oil Corporation. Michael shares his perspective on corporate compliance and why having a culture of compliance in third-party management is crucial for organizations.

regulatory compliance, regulatory guidance

Checklists

Model Vendor Due Diligence

This infographic will walk you through key best practices and a process that will help you mitigate some of the risks of dealing with issues with your vendors.

Videos

Pre and Post-Contract Vendor Due Diligence

Throughout your vendor risk management process, you should be conducting due diligence both pre and post-contract. In this 90-second video, learn the different due diligence items you should be requesting from your third-party vendors.

contract management

Podcasts

Why Vendor Complaints Matter and Why You Should Care

You need to also monitor your vendor's complaints as a critical part of third-party risk management. Listen to this podcast for more information.

Podcasts

How to Determine Vendor Regulatory Risk

Regulatory risk is used to determine the vendor relationship’s risk rating . Listen to this 90-second podcast to learn more about the categories of regulatory risk and how you can determine your vendors' regulatory risk.

eBooks

What Is the ROI of Vendor Risk Management?

Vendor management may seem like a large investment, but there is a significant ROI if the process is managed properly. Better understand how your third-party efforts can save your organization money.

Videos

3 Questions to Determine Critical Vendors in Third-Party Risk Management

Determining who your critical vendors are is an important part of the process. Watch this 90-second video, and hear important questions to ask yourself in order to figure out which of your vendors are critical.

risk assessments

Infographics

10 Tips Collecting Due Diligence Documents

Better understand when to start your due diligence, what to do if you can't get a document, why you need a good working relationship with your lines of business.

Infographics

Strategies to Improve Your Vendor Due Diligence Process

Improve your vendor due diligence process, with this informative infographic that covers specific strategies that you can use to protect your organization.

Podcasts

5 Mid-2019 Tips to Be Proactive in Vendor Management in 90 seconds

With 2019 underway, we decided to put together some tips to help your organization stay proactive in vendor management. This podcast will give you a quick refresher on third-party risk best practices.

Videos

9 Steps to Creating an Effective Third-Party Risk Program in 90 Seconds

An effective third-party risk management program is key to protecting your organization. Watch this 90-second video to learn the 9 steps that you should take in order to create a third-party risk program.

Infographics

10 Best Practices of Really Good Vendor Managers

To help you and your team succeed in your vendor management, we’ve put together an infographic on the top 10 best practices that every good vendor manager should follow.

Interviews

Interview with Lori Frank

Listen to this interview to hear President and CEO of Argos Risk, Lori Frank, cover current third-party risk management challenges and shifts in ongoing monitoring trends in the industry today.

oversight management

eBooks

Vendor Risk Management Exam Prep Guidebook

Download this educational eBook to learn how to impress auditors and requirements to be more prepared for your next vendor risk exam.

Podcasts

Developing an Effective Complaint Management System for Vendor Management

How your organization manages and responds to complaints has become critical. Here are some tips to help you develop an effective complaint management system.

Infographics

What / Why / When / Who / Where of Vendor Risk Assessments

Risk assessments are vital to the success of an organization’s vendor management program as you delve further into any risks vendors pose. This infographic shows you the what, why, when, who and where of them.

Podcasts

Fourth Party Vendor Risk Management in 90 Seconds

Here are some specific steps you can take with fourth party risk management that will help be more prepared and protect your organization.

Infographics

Creating a Vendor Risk Management Program that Protects Your Organization

Having a strong vendor risk management program is a great way to protect you and your customers. This infographic covers how to create a program.

Videos

Third-Party Document Collection Best Practices in 90 Seconds

Due diligence is another term for third-party document collection. It is one of the most critical activities in third-party risk management. Watch this quick overview of best practices for third-party document collection.

Podcasts

5 Steps to Measuring Your Vendor’s Financial Health in 90 Seconds

Listen to this podcast for 5 important steps that you can take to measure your vendor's financial health.

Podcasts

6 Vendor Contract Management Best Practices in 90 Seconds

Listen to this podcast to learn about vendor contract management from our experts, the importance of contracts to your organization and what steps you should take to protect your institution.

Samples

Free Vendor SOC Assessment

Download a sample SOC analysis summary document that allows you to focus on the important components, including the set of controls that you control directly.

Infographics

Do You Have Dirty Vendors? It May Be Time to Spring Clean

Is there a way to know if you have “dirty” vendors who could use some dusting off? Ensure you know everything important and what steps to take to help you spring clean your vendors.

Interviews

Interview with Jennie Fowler

This interview features Jennie Fowler, Director of EPMO and Vendor Management Officer, at American Credit Acceptance. Throughout the interview, Jennie shares her recommendations to obtain support from the C-suite when it comes to vendor management.

regulatory guidance, buy-in, reporting

Infographics

When Does a Fourth-Party Vendor Require Your Attention?

Do you know who your fourth parties are? This infographic will help get you started with the when and how of identifying your fourth-party vendors.

Podcasts

Do I Have to Risk Rate Every Vendor?

In this 90-second podcast, we will cover the specific steps you should take in order to determine the vendors that need to be included in your vendor oversight.

eBooks

Guide to Risk Management Lifecycle

This eBook takes an in-depth view into the 5 phases of the vendor management lifecycle that you need to be aware of in order to reduce risk for your organization.

Interviews

Interview with Nicole DeSantis

This interview focuses on the three lines of defense model discussion and how there should be a well-developed vendor management structure at all organizations regardless of the size.

eBooks

Vendor Issues and Challenges: What Leverage Do You Have?

Download this eBook for the challenges and possible solutions you may potentially encounter to help you prepare for various vendor management issues.

Videos

Managing Third-Party Risk in 90 Seconds

Effective third-party risk management can protect your organization by managing the risks you are taking by outsourcing a product or service. In this 90 second video, you will learn about the different phases involved in vendor management.

Infographics

Is It Time to Break Up with Your Vendor?

You should partner with a vendor who meets your organization’s expectations. Download this infographic for signs that it is time to end your vendor relationship.

Podcasts

8 Tips on Maintaining Good Vendor Relationships in 90 Seconds

Maintaining strong vendor management relationships will help lead to a successful partnership for your organization. In today’s podcast, we’ll cover 8 important tips to maintain good vendor relationships in 90 seconds.

Infographics

Understanding the Differences Between a Vendor SOC 1, 2, 3

Download the infographic to learn the definitions of each type of SOC report and how they can benefit your organization.

Podcasts

Your Third Parties - Potential UDAAP Risk in 90 Seconds

UDAAP has presented some concern to third-party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.

regulatory compliance, guidance

Podcasts

7 Reasons Why You Shouldn’t Use Spreadsheets for Vendor Risk Management

With the increase in regulations and vendor oversight requirements, managing vendors with a spreadsheet is very inefficient. Here are 7 reasons why spreadsheets will not cut it anymore.

reporting, regtech

Infographics

14 Third-Party Risk Management Myths You Should Ditch in 2020

There are a few common misconceptions to be aware of and leave in 2020 in order to be more successful. Download this infographic to get started.

Interviews

Interview with Spencer Knibbe

This interview focuses on the role of vendor management in financial institutions from a legal and regulatory perspective. We cover the pain points organizations are experiencing for third-party risk, which includes data aggregation, organizational consistency, reporting and cybersecurity.

Podcasts

5 Quick Tips for Developing a Vendor Risk Assessment Template

We'll cover tips for developing a vendor risk assessment template, also referred to as a VRA questionnaire. These are important while assessing how much risk your vendor presents to you. Check out our 5 recommendations.

Infographics

Identifying Critical Vendors: 3 Fool-Proof Questions

This infographic covers three best practices that will help you establish standards for identifying your critical vendors.

Podcasts

How to Write a Vendor Management Policy

When getting started in vendor management, there are three sets of documents that you want to create. The first document that you should focus on writing is your third-party risk policy. In this podcast, we're going to walk you through 6 steps to take in order to write an effective policy.

Infographics

Inherent vs. Residual Vendor Risk

What is inherent risk and how to determine it, why residual risk is never higher than inherent risk and 4 important tips to follow.

Infographics

How to Rate Your Vendors Regulatory Risk

Evaluating your vendor's regulatory risks ahead of time can help you avoid some very costly surprises down the road. Use this infographic to see how to rate your vendor's regulatory risks.

Podcasts

5 Best Practices of Hiring Vendor Management Staff for 2019

Are you looking to expand your vendor management team? There are certain steps you can take in order to find the most effective team your organization. In this podcast, we discuss 5 tips to recruit potential vendor management team candidates.

staffing

Infographics

Let's Solve the Third-Party Risk Management Puzzle

Put your knowledge to the test by downloading this crossword puzzle that is filled with third-party risk clues and phrases.

Podcasts

7 Attributes of Good Vendor Managers to Continue in 2019

Vendor management typically takes an individual who is meticulous in detail, thorough and patient to perform the job. In this podcast, we’ll wrap up the year and touch on some attributes found in good vendor managers.

staffing

Interviews

Interview with Keith Koo

This interview covers qualifications that are needed on a third-party risk management team, why cybersecurity risk is something that you can never defeat and a thought provoking conundrum about the introduction of decentralized technology.

cybersecurity, team

Infographics

25 Common Vendor Risk Management Errors to Avoid in 2019

It's easy to get so involved with vendor management that you miss basic, but key, items. Find out what the top 25 errors are to avoid in your vendor management program in 2019.

Podcasts

Top 7 Best Practices in Vendor Management from 2018

This podcast covers 7 of the 2018 best practices that you should continue into the new year. They range from engaging the first line of defense through continuing education.

third-party risk management process

Podcasts

10 Reasons to Be Thankful for Vendor Management

Now is the time to reflect on the year and some of those reasons to be thankful for a well-developed vendor management program. Let's go through 10 reasons now.

Interviews

Interview with Brian Tate

This interview covers both a legal and industry perspective on third-party risk, impact of fraud in third-party risk management, discussion regarding increased oversight at the state level and a post Dodd-Frank Act lesson - senior management and the board must be involved.

regulatory compliance, guidance, reporting

Podcasts

Preparing for Periodic Vendor Updates to the Board

Third-party risk management needs to be a part of the board's regular activities. Listen to our 5 tips to help you prepare for periodic vendor updates to the board

Infographics

UDAAP and Your Vendors

This infographic will guide you through what you need to know about UDAAP and add clarity to what to do as it relates to your vendors.

Infographics

8 Actionable Ways to Increase Efficiency in Your Third-Party Risk Management

With the increase in regulatory demands, it's crucial to be as efficient as possible. Take the right steps to increase efficiency - we have 8.

eBooks

8 Terrifying Third-Party Risk Management Stories

We gathered 8 terrifying real-life third-party risk management stories from compliance officers and vendor management teams across various sizes of organizations. Learn from their mistakes.

Infographics

My Vendor Has Suffered a Data Breach: Now What?

Are you prepared to handle it when your vendor suffers a data breach? Cyber attacks have become a normal part of daily routine. Learn what to do.

Infographics

10 Best Practices When Handling a Vendor Data Breach

Be prepared for when your vendor experiences a data breach by doing these 10 best practices. Hackers do not discriminate when looking for an asset to attack.

Infographics

How to Mitigate Vendor Risk with Contract Management

Follow these basic dos and don'ts of vendor contract risk management. There are steps to take, 8 additional tips to help mitigate vendor risk and 5 huge mistakes to avoid.

Infographics

New York Regulators Take Aim at Cybersecurity Expectations

The relatively new New York Department of Financial Services (NYDFS) regulations not only cover the organization, but also the organization's third-party vendors. Ensure you're in compliance.

regulatory compliance, guidance

Interviews

Interview with Ashley Kelley

Join us and Ashley Kelley, VP of ERM at APCU, for a discussion on third-party risk overall, centralizing third-party risk management - why it can be a struggle but is needed, insight from the VP for the International Association of Financial Crimes Investigators (IAFCI) on cybersecurity expectations and concerns and more.

Podcasts

Quick Tips for Developing Your Third-Party Policy, Program and Procedures

A well-developed policy, program and procedure documents are all crucial to the success of an organization’s third-party risk management department. Listen for some quick tips to help you.

vendor management program

Infographics

7 Steps to Protect Against Rising Vendor Cybersecurity Risks

Could your vendors be your weak link? To learn how to protect your organization from third-party vendor cyber risk, our infographic covers 7 key steps to follow.

cybersecurity, information security

Podcasts

What Is the Difference Between a Vendor SOC 1 and SOC 2 Report

SOC reports differ based on what they cover, how the auditor performs the assessment and what level of detail the reports include. Learn the differences between a vendor SOC 1 and SOC 2 report and Type 1 and Type 2.

cybersecurity, information security

Infographics

Fourth Party Oversight and How to Organize the Effort

Fourth parties are just as important as third parties. They can have access to your confidential information and thus you must make sure you do proper oversight and effort with these companies.

Infographics

Don't Sign the Vendor Contract Just Yet

Whether negotiating a new vendor relationship or renewing an existing one, learn how to develop a contract that clearly defines expectations and responsibilities of the vendor, tips and best practices.

eBooks

The Importance of Vendor Financial Performance eBook

Download this eBook to guide you in determining your vendors capacity to continue to provide safe, secure and quality products/services at the level you require. 

Podcasts

10 Reasons for a Third-Party Risk Management Budget in 2019

In this podcast, we'll go through 11 reasons to consider your third-party risk management department/program when budgeting for the upcoming year.

budget, ROI

eBooks

How to Review a Vendor SOC Report

Learn how proper review of a vendor SOC report helps your org, when to obtain and review a SOC, differences between SOCs, Complementary User Entity Controls, key areas to review and more.

Interviews

Interview with Michael Morris

Join us and Michael Morris, Systems Partner at Porter Keadle Moore, LLP, for an auditor's perspective on vendor risk management. Topics covered include: best practices for managing risk, addressing today's cybersecurity threats and risks, top areas of concern for a SOC audit report and more.

Podcasts

Budgeting for 2019: 5 Vendor Contract Considerations

It's a best practice to consider the costs associated with negotiating key contract terms and pricing within your third-party risk management program. Listen to this podcast that covers 5 vendor contract considerations for your budget.

ROI

Interviews

Interview with Amy Hanna Keeney

Join Venminder and Amy Hanna Keeney, Attorney with Adams and Reese LLP, for a thought-provoking interview on 2018 CFPB progress & activities, what you can expect from the CFPB in regards to regulatory guidance, the future of UDAAP enforcement actions, CFPB hot topics for the coming months and more.

regulatory guidance, regulatory compliance

eBooks

Guide to Your VRM Policy, Program and Procedures

This eBook covers key components of your third-party risk management policy, program & procedures, tips, using lines of defense strategy and best practices for using all 3.

vendor risk management

Podcasts

Vendor Risk Management and FFIEC Appendix J

This podcast covers how FIEC’s Appendix J relates to your vendor risk management program and 4 key elements of business continuity planning that you should address when contracting with a third-party service provider.

regulatory guidance, compliance

Infographics

Why You Should Assess Vendors at the Product Level

Learn what to include, reasons why you'd need multiple assessments, an example and 3 best practices.

Infographics

24 Best Practices to Minimize Vendor Risk

Take a look at what we consider to be 24 of the current best practices to minimize vendor risk and ensure your org is a top performer in TPRM.

Podcasts

5 Third-Party Risk Management Best Practices for a Fintech Provider

Allow your clients to feel much more at ease when selecting you as their preferred vendor of choice to continue doing business with - follow these 5 best practices now for a well-developed and organized third-party risk management process.

Infographics

Are Your Vendors in Compliance?

Ensuring that your vendors are meeting their regulatory exam expectations is a key part of vendor risk management. Download this infographic now to learn about managing and mitigating compliance risk.

Podcasts

The Importance of Vendor Due Diligence

Vendor vetting and ongoing monitoring are both important stages of the vendor lifecycle and due diligence process, but, why exactly is due diligence so important for vendor risk management? Listen to our third-party risk management podcast now to learn the top 5 reasons.

Infographics

Vendor SOC for Cybersecurity Report

When and how to request a SOC for Cybersecurity, what it includes and differences between a SOC 2 vs. a SOC for Cybersecurity. Mitigate cybersecurity risk now.

eBooks

Vendor Risk Management and the SSAE 18 Audit

As a third-party service provider, the SSAE 18 audit requires that you have an effective vendor management program in place. Are you prepared? In our latest eBook, we'll take you through all the steps you need to know for..

regulatory compliance, regulatory guidance

Podcasts

4 Best Practices to Take Away During a Breach

We all hope to never experience a breach at our organization, but if it does happen, do you know what to do? You can minimize the chance of it happening again by using these 4 best practices to improve your third-party risk management program.

data breach, cybersecurity, information security

Infographics

SLAs - Trying to Get Out of a Vendor Contract

What the SLA should state, opportunities provided by SLAs to your organization, negotiating service levels, the 8 elements a model SLA should include, best practices and more.

Podcasts

6 Tips to Balance Third-Party Risk Management Tasks

Third-party risk management is associated with a great deal of tasks and a large workload, so here are 6 tips that can provide some relief.

Infographics

The Ultimate Vendor Risk Management Infographic

We've put together the ultimate complimentary infographic that breaks down vendor risk management and guides you through some of the most commonly asked questions.

Infographics

Advantages & Best Practices Vendor On-Site Visits

On-site visits are an important part of vendor due diligence. While the vendor types which warrant one will vary, these tried and true best practices remain the same.

eBooks

Contract Management Guide & Best Practices

Proper vendor contract management can mitigate risk. Learn the phases of contract management, how to overcome challenges and best practices.

Podcasts

How to Do a Vendor Risk Assessment

Listen to this third-party risk management podcast where we take into consideration regulatory guidance OCC Bulletins 2013-29 and 2017-7 and FDIC Letter 44-2008 to help guide you through the vendor risk assessment process. Learn how to complete a vendor risk assessment, steps and tips.

Infographics

Simplify Information Security Assessments

A third-party information security assessment is an integral part of judging a vendor's risk level. Learn 3 core principles, key regulatory guidance, why use one and 3 questions to ask.

cybersecurity

Interviews

Interview with Loraine DeBonis

Join us and Loraine DeBonis of Ubiquity Compliance Solutions for key takeaways from a panelist at the NBPCA’s Power of Prepaid conference perspective, challenges banks & prepaid program managers are facing regarding the Fed’s Regulation E, improving risk management and more.

Podcasts

Improving the Process & Documenting a Mid-Year TPRM Progress Check

You've gone through the 6 steps and best practices for a mid-year third-party risk management progress check, so now what? Listen to learn the next steps to take, how to document your findings and how to improve upon the process as a whole.

Interviews

Interview with Ed DeMarco

Join us and Ed DeMarco, General Counsel and Director of Operational Risk & Regulatory Relations/Communications of the Risk Management Assocation (RMA), for a discussion on vendor risk management challenges & best practices, cybersecurity, regulatory compliance and more.

Infographics

Why We Do Vendor Due Diligence for VRM

When you understand why vendor due diligence reviews are necessary, it’s easier to see the increased benefits and make due diligence a priority. Download this vendor management infographic where we'll further explain why.

eBooks

Guidance & Regulations on Third-Party Risk

Key takeaways from the most important third-party vendor risk management regulations and regulators - the FFIEC, OCC, FDIC, Federal Reserve, CFPB, SEC, NCUA.

Podcasts

Fundamentals of BCP within Vendor Management

Business continuity planning (BCP) is important to you and your vendors. Listen as we guide you through the appropriate regulatory guidance to follow, what to plan for, what to restore first and how to recover.

Interviews

Interview with Jim Hussey

Join us and Jim Hussey, Founder of IT-TPRM.com, for a discussion on vendor risk management challenges, why you should place heavier focus on technology or fintech risk, how to engage the first line of defense, advice on meeting OCC lifecycle expectations, best practices and more.

Podcasts

Understanding your Vendors SOC Report - The Basics

What is a SOC report? It's an audit report performed by a public accounting firm and attests to the existence & effectiveness of the controls put in place to safeguard your data. Listen as we break down 6 important parts.

Infographics

Best Practices for Identifying Critical Vendors

Learn what is a critical vendor, how to identify your critical vendors, examples of critical vendors and best practices to monitor for proper third-party risk management.

risk assessments

Interviews

Interview with Andrew Lorentz

Join us and Andrew Lorentz, Attorney at Davis Wright Tremaine LLP. We discuss balancing commercial opportunities with compliance initiatives, importance of community involvement and legal analysis, cybersecurity at exams and outside counsel's view on if the board is properly involved.

Infographics

Assessing Vendor Financial Risk Beyond Numbers

How to assess vendor financial risk. Failing to do so can be detrimental to not only your third-party risk management program, but may have direct implications on how you operate your business.

Interviews

Interview with Glen Trudel

Join us and Glen Trudel, Partner at Ballard Sphar, LLC. We discuss the biggest third-party risk struggles financial institutions face today, how to handle ongoing vendor risk management and vendor oversight, addressing cybersecurity, board involvement, industry expectations and more.

Podcasts

7 First Line of Defense Best Practices

The first line of vendor risk management defense has direct interaction on a day-to-day basis with your third-party. Listen to our podcast for 7 best practices for properly engaging the first line of defense.

eBooks

Examination Preparation GuideBook

Items to have prepared, key steps to ensure a successful exam and 14 tips for planning for the day of the examiner's arrival.

Podcasts

Fourth Party Vendor Monitoring

Fourth party risk and liability is often overlooked because there isn't direct relationship with the fourth party vendor. Listen now for the 3 oversight steps to take regarding your fourth party vendors.

Podcasts

The 3 Vendor Risk Management Frameworks

There are three vendor risk management frameworks to consider: centralized, decentralized and a hybrid approach. We'll teach you the differences and guide you toward the best framework for you.

eBooks

Vendor Risk Assessment Mini Guidebook

Learn how to properly conduct a vendor risk assessment, what it is, why it's important, the vendor risk assessment process, best practices and more.

Podcasts

Criticality and Vendor Oversight

When determining your level of oversight on a vendor, you’ll clearly want to determine their criticality and risk level first. Listen to this podcast to help guide you through the process.

Infographics

The Final Countdown to GDPR

Be prepared to comply with the General Data Protection Regulation (GDPR) - it impacts EU and U.S. companies.

Infographics

How to Do Vendor Due Diligence Properly

Guide for initial and ongoing due diligence that covers how to do it properly, benefits, items to request, understanding your vendor's regulatory risk impact and more.

Interviews

Interview with Glen Trudel

Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, discusses general challenges organizations are facing when it comes to third-party risk and best practices to overcome those hurdles.

Podcasts

Non-Elective Vendor Oversight Responsibility

A non-elective vendor is one you don't have a direct relationship with, but your third-party does - making them a risk to you and therefore requiring some oversight. Listen to learn the associated responsibilities.

ongoing monitoring, due diligence

Infographics

Collaboration within Vendor Risk Assessments

Third-party risk management requires collaboration across multiple lines of business, so it’s imperative that a well thought out risk assessment leverages internal expertise.

Infographics

9 Steps to Complete A Vendor Risk Assessments

Your vendor risk assessment process is the key to mitigating vendor risk. Learn the 9 essential steps, 5 critical risk elements to consider and Q's to ask.

Infographics

Vendor Lists, Classification & Rating

An important step to vetting a vendor is onboarding. Learn best practices, how to streamline a vendor vetting process and more.

Interviews

Interview with James Russell

Join Venminder and James Russell, CPA at Russell Bank Consulting. James discusses third-party risk management changes over the last decade, common third-party risk management issues during examination, how to handle third-party relationships that start to go downhill and more.

audit

Infographics

Quick Guide to Onboarding a New Vendor

An important step to vetting a vendor is onboarding. Learn best practices, how to streamline a vendor vetting process and more.

eBooks

In-depth Guide to Onboarding a New Vendor

An important step to vetting a vendor is onboarding. Learn best practices, how to streamline a vendor vetting process and more.

Podcasts

How GDPR Impacts Third-Party Risk Management

While the General Data Protection Regulation (GDPR) has a global impact on any company which is collecting, storing, or accessing European resident data. Listen to Third-Party Thursday to learn what you need to know.

regulatory guidance, regulatory compliance

Podcasts

Erm vs. TPRM

Enterprise Risk Management (ERM) and Third-Party Risk Management (TPRM) are are often used interchangeably, but they are two different functions. ERM is more high level, while TPRM is a smaller subset. Listen to learn more.

Infographics

Vendor Management Models

The types of vendor risk management model frameworks, advantages and disadvantages of each, how to help promote consistency and clarity and how to set up.

Podcasts

Third-Party Risk Management Staffing

Recommendations from a seasoned third-party risk expert for how to determine how many staff members to have on your vendor management team. Follow our three tips in this podcast.

Infographics

Does this vendor make my risk look BIG?

Learn 4 tips when determining who your high risk vendors are, what to do with those high risk vendors and key points of assessing risk.

Interviews

Interview with Elizabeth Khalil

Join us and Elizabeth Khalil, Partner of Dykema Gossett PLLC. She discusses how third-party risk has evolved, UDAAP risk, the need for vendor management from fintech companies, how defining responsibilities eliminate gaps, why efficient ongoing monitoring is key and more.

regulatory guidance, compliance, oversight management

Interviews

Interview with Suresh Ramakrishnan

Venminder sat down with Suresh Ramakrishnan, SVP of Ascendum Solutions, for an interview on third-party risk management best practices and how outsourcing (if managed correctly) can provide greater efficiencies, reduce your workload and help with cost management.

ROI

Podcasts

5 Common Pitfalls in Vendor Contracts

Save time, money and other valuable resources by learning mistakes companies make with their vendor contracts. Listen to see how you can avoid some common pitfalls during all phases of the vendor lifecycle.

Podcasts

Creating Awareness of Third-Party Risk Management

Tips for fostering a third-party risk mindset within your organization - how to create awareness, important members of your company to involve & who the third-party risk responsibility lies within every organization.

Podcasts

CIA Triad Within Vendor Management

In this podcast, you'll learn how your vendor's approach to the CIA triad of information security impacts you and your customers. Being aware will help you against third-party risk.

Infographics

Building an Effective VM Program

Download this infographic for 9 steps for developing an effective program, the importance of analyzing due diligence docs and contract management and more.

vendor management

Infographics

OCC Vendor Examination 2018 Priorities

The OCC's bank vendor management examination expectations, key steps we recommend you take to prepare, why this should be a priority.

Podcasts

9 Key Components to a Successful Third-Party Risk Management Plan

What makes a third-party risk management plan successful? Listen to learn 9 best practices and key components of a well-managed third-party risk management plan for you to implement now.

Podcasts

Consumer Complaints and Vendor Management

Learn how a well-run complaint management system (cms) can turn an upset customer into your best customer along with five elements to include your vendor management policy on complaint management.

eBooks

How To Guide - Analyzing a SOC Report

Learn why you need your vendor's SOC audit report, if you need their SOC 1 or SOC 2, scope: Is your product/service covered in this report and more.

Podcasts

Third-Party Risk Management Regulatory Compliance During Regulatory Change

Here are daily vendor management regulatory compliance efforts you can implement in order to keep up with third-party risk regulatory reform.

regulatory guidance

Podcasts

How, When and Why to Use an InfoSec Questionnaire

Learn the how, when and why of using vendor information security questionnaires for your third-party risk management and how your due diligence process can benefit from it.

information security

Podcasts

5 Key Provisions to look for in your Critical Vendor Contracts

When reviewing and negotiating critical vendor contracts, consider many elements. Here's 5 key provisions to give special attention.

Podcasts

UDAAP And What It Means to Your TPRM Program

Listen to this podcast for what you need to know about UDAAP (Unfair, Deceptive or Abusive Acts or Practices), how they affect your third-party risk management program and items the CFPB is highly critical of.

vendor management, regulatory guidance, regulatory compliance

Podcasts

Due Diligence on Your Fintech Vendors

This podcast covers tips and recommendations for determining due diligence questions to ask your fintech vendors. We'll provide insight into setting the standards that should firmly be expected.

Infographics

7 Pillars of Effective Vendor Management

Download this infographic for what you need to know to protect your institution, your best insurance against unexpected problems, fundamental requirements of vendor risk management.

Podcasts

How To Properly Identify Your Critical Vendors

Go through critical vendor classification and identification with us. Learn standards for identifying your vendors, how to properly identify your scope and 3 questions to ask to determine if a vendor is critical.

Podcasts

Third-Party Risk Management Year End 2017

Join us as we close out 2017 with this thank you vendor management podcast. And, see what our top 10 most popular videos and podcasts were from our Third Party Thursday series for this year.

Podcasts

Why to Stay Abreast of New Vendor Management Regulatory Guidance

The best way to prepare for new regulatory guidance, how to stay in compliance and some commentary on new regulations taking effect in 2018.

Infographics

Vendor Due Diligence Guide - What to Know

Use this handy tool to keep you and your team on track to properly measure, monitor and control risks. Learn what is due diligence, the importance of due diligence & the scope.

Podcasts

Vendor Classification

Learn about 'bucketing your vendors' - a high level vendor classification system that can help you with third-party oversight, ongoing monitoring and preventing problems down the road. We'll also tell you how to develop buckets of your own.

ongoing monitoring, due diligence

Podcasts

Complaint Management System

What to include in your complaint policy and complaint management system to improve vendor management. A well-run system can turn upset customers.

Infographics

How Do You Classify Your Vendors?

How to classify based on product or service, how to classify based on level of risk and next steps to take after you've classified your vendors.

Podcasts

What Should Be In your Third-Party Risk Examination Preparation Handbook

The best strategy for preparing for an examination is to constantly be ready. Listen to learn 7 items you should have in your examination preparation playbook.

Infographics

What Is Vendor Management? AKA TPRM

How to identify all your vendors, essential steps of vendor management, prioritizing vendors according to risk level and why fourth parties are important.

Infographics

Learning from VM Enforcement Actions

Download this infographic for 4 tips to help you avoid an enforcement action, 6 top websites for legal analysis, 2 Q's to ask when reviewing enforcement actions.

regulatory guidance, regulatory compliance, vendor management

Podcasts

Third-Party Risk Management Education

Learn how to get ahead of the game education wise in third-party risk management with these 10 best practices. Staying up to date is a great idea for everyone involved in vendor management.

Podcasts

Creating a Culture of Compliance for Vendor Management

Learn what regulators & senior gov officials in financial services had to say on creating a culture of compliance, why they strongly recommend it and what this entails.

Infographics

Vendor Vetting: 9 Considerations for Pre Contract

Who should decide and who should approve, why you should not simply accept a boiler plate contract and taking your new vendor through a risk assessment.

Podcasts

Vendor Management Board Reporting

Learn what regulators & senior gov officials in financial services had to say on creating a culture of compliance, why they strongly recommend it and what this entails.

Infographics

14 Third-Party Risk Management Best Practices

Download this infographic for who should decide and who should approve, why you should not simply accept a boiler plate contract and taking your new vendor through a risk assessment.

vendor management best practices

Podcasts

UDAAP - Unfair, Deceptive or Abusive Acts or Practices

Learn what regulators & senior gov officials in financial services had to say on creating a culture of compliance, why they strongly recommend it and what this entails.

Podcasts

Brand Names and Vendor Due Diligence

Sometimes people feel too comfortable with a well-known vendor. We cover why even vendors with recognizable brand names require thorough due diligence. No one is immune from third-party risk.

Infographics

Don't Keep Your Board In the Dark of Third-Party Risk

Learn what info to include in board reports, the frequency and format, the appropriate materials to provide in your board reporting package with this infographic.

reporting

eBooks

2017 Third-Party Risk Regulatory Developments

Read this eBook for insights on updates effecting the FDIC, OCC & CFPB, how they effect third-party risk management and how to take action.

regulatory guidance, regulatory compliance

Podcasts

Guidance on OCC Bulletins 2017-7 and 2017-21

Learn key takeaways from two OCC Bulletins issued this year on third-party risk management - OCC Bulletins 2017-7 and 2017-21. Is your institution's vendor management program in compliance?

regulatory guidance

Infographics

Guarding Against Undue Risk from Vendors

What the three lines of defense are, how they guard against undue risk and tips for implementing this strategy at your institution.

Infographics

Service Level Agreements and Your Vendors

What to include in SLAs, about reviewing SLAs and what you can do if one is broken.

Podcasts

The Basic Concepts of Third-Party Risk Management Framework

Listen to learn the basics of the third-party risk management framework, including how it relates to enterprise risk management (ERM).

Podcasts

Mitigating Vendor Contract Risk

In order to have vendor management control, you must have a firm understanding or knowledge of third-party vendor contracts. Learn the 3 pillars in managing them and other points about mitigating contract risk.

contract management

Infographics

Vendor Contract Management Best Practices

13 best practices for managing contracts that you won't find in the FFIEC handbook, where your contracts should be stored and why SLAs in contracts are so important.

Infographics

7 Vendor Risk Attributes to Consider

When you outsource a product or service to a vendor, it’s important to clearly understand the risk that decision may represent to you and your customers.

Infographics

How to Write a Third-Party Program

Download this infographic to learn what a program consists of, 8 best practices and tips and common areas that we see overlooked.

Infographics

What / Why / Who / How of Vendor MGMT

We've come up with a simple infographic available for download to help guide you and your team in understanding the various roles and responsibilities as you build out your vendor management program.

Infographics

How to Write a Third-Party Policy for Risk

Learn what your policy should consist of, best practices and tips and 3 common errors to avoid with this infographic.

Infographics

The Scope of Your Actively Managed Vendors

From a risk standpoint, there are some vendors that you should be managing more actively than others.

Podcasts

Learning From Third-Party Enforcement Actions

Let's say you find out one of your third parties is named in an enforcement action, even if it is unrelated to your institution, what do you do? Listen to learn the six necessary steps to take.

regulatory guidance, regulatory compliance

Podcasts

Third-Party Due Diligence

In this short vendor management video, you will learn four key points you need to know regarding third-party due diligence and what items your due diligence checklist should contain to keep your institution safe from third-party risk.

Podcasts

Understanding Vendor SOC Scope, Time and Narrative

Learn what the scope of a vendor's SOC report means and where to find it along with what typical audit periods are and a few questions to ask yourself while reviewing the narrative.

Podcasts

7 Steps of Vendor Vetting

Learn the 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.

Podcasts

Analyzing SOC Controls

In this vendor management video, you will learn where to find the controls section within a vendor SOC report along with what the control objectives and activities are and what to look out for in the findings and exceptions.

Infographics

10 Things to Do When You Receive Notice of an Exam

How you should prepare for an exam ahead of time, who's responsible and our expert tips for the examiner's arrival.

Podcasts

Critical Vendors: What to Review

We cover the key questions you need to ask yourself to determine if your vendors are critical. Then, we dive deeper and talk about what you should review on your critical risk vendors.

Infographics

The Role of Third & Fourth Parties

What a fourth-party is vs. a third-party, how to get information on your fourth parties and what to review on your fourth parties.

Podcasts

What is SSAE 18?

As of Monday, May 1, SSAE 18 is now in effect. Are you familiar with SSAE 18 yet? Join us now as we talk about SSAE 18 - what it is and how it affects how you do vendor management at your institution. Let's get started.

Podcasts

Vendor Management Risk Assessments

We’re going to talk through a few key things you need to know about vendor management risk assessments for your organization's third-party risk management program.

Infographics

Due Diligence Item Vendor Managers Aren't Aware of

Improve your vendor risk management program, what requesting one means, what to do if your vendor won't give those reports to you, another way of obtaining the reports.

Podcasts

10 Steps to Creating Your Vendor List

We’re going to talk through the 10 main steps you need to take to create your proper vendor list for your third-party risk management program at your institution. Let's get started.

Infographics

5 Biggest Mistakes In Vendor Contract Management

The consequences of making these mistakes and an opportunity to visit your contract process and ensure that you have firm standards in place.

Infographics

10 Common Errors to Avoid in a VM Program

10 errors we commonly see in vendor management programs - check your program now to find out if you have any gaps that need fixing.

Podcasts

3 Lines of Vendor Management Defense

You may have heard the term “three lines of defense”. But, what is a three lines of defense strategy? We'll go through those three lines of defense you have for vendor management at your financial institution.

Samples

Free Reputation Risk Assessment

See a sample of what our analysts review and report on that can help identify possible reputation risk weaknesses.

Samples

Free Data Protection Assessment

This assessment identifies how information is being secured to see risks present by engaging in business with the vendor.

Podcasts

8 Steps to Prepare for a Third-Party Risk Management Examination or Audit

Prepping for an audit is stressful, especially if you're scrambling last minute to finish vendor management tasks. In this 90-second podcast, learn 8 steps to help you prepare in advance.

examination

Podcasts

3 Reasons to Keep Your Third-Party Risk Management Program Independent

In this 90-second podcast, we cover the three most important reasons why you need to keep third-party risk workflows separate from other business processes.

Podcasts

4 Important Vendor Risk Management FAQs for Beginners

In this podcast we’re going to discuss 4 important vendor risk management frequently asked questions for beginners to help get you started. The questions like: what vendor risk management is, why it’s important, who is involved and how vendor risk is completed.

Infographics

Third-Party Risk Management Considerations on Overseas Vendors

How to work with overseas vendors and give them special attention, whether they're a third-party or fourth-party.

Podcasts

Fundamental Third-Party Risk Management Best Practices

We'll discuss fundamental best practices of third-party risk management that you need to implement such as education, tailored ongoing monitoring, outsourcing and not cutting corners.

Infographics

Vendor Complaints and Why You Should Care

Customer complaints are a fact of life in the social media world we live in today. See why you need to monitor your vendor's complaints as a critical part of third party risk management.

Infographics

The Vendor Risk Management Lifecycle

5 steps of the vendor lifecycle, 3 other important tasks you should be doing throughout the vendor lifecycle and more.

Infographics

CIA Information Security Triad and Verifying Vendors

What the CIA triad is, why you should care and how to verify your vendor's approach to cybersecurity and information security.

Infographics

7 Vendor Nightmares to Avoid

7 vendor management nightmares and ensure you take the necessary steps to avoid.

eBooks

Consequences of a Vendor Breach & How to Prepare

4 most common consequences of a vendor breach, 6 key steps you can take to be prepared and best practices we've seen for vendor management information security.

Interviews

Interview with David Stevens, CMB

Venminder was honored to be joined by David Stevens, President and CEO of the Mortgage Bankers Association (MBA). Listen to this interview for discussions on data security, cybersecurity, lessons learned from the housing crisis, the CFPB relation to regulatory compliance and much more.

regulatory guidance

Infographics

5 Key Provisions of Critical Vendor Contracts

Learn what they are, important points in each of these 5 areas, how to utilize these key provisions to help mitigate vendor contract risk.

Interviews

Interview with Shane Martin

This Venminder interview drills down into a specific vendor type - the appraisal management company (AMC) and appraisal management software. With Shane Martin, EVP of InHouseUSA, we discuss the specific areas of third-party risk to pay attention to when using an AMC as fourth-party vendor.

regtech

Infographics

Mitigating Vendor Contract Risk Through Effective Contract Management Best Practices

What the 3 pillars are, how they help you mitigate vendor contract risk and questions and examples to help guide you.

Podcasts

7 Vendor Risk Attributes To Consider

Learn 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.

Samples

Reg Compliance and Operational Analysis

Our in-house third-party risk experts can help determine if your vendor's operational and regulatory compliance is satisfactory.

regulatory compliance

Infographics

The Vendor Risk Management Lifecycle & Checklist

3 things to do pre-contract, considerations and checklists and 2 important steps to consider when the relationship is over.

Infographics

Vendor + Product + Risk = Documentation

Items to collect on all vendors, what to collect for higher risk or more critical vendors, and suggestions when you need to fill due diligence gaps.

Podcasts

10 Common Vendor Management Errors

It’s easy to get so deep in the weeds of your vendor management program that you make some pretty basic errors. Sometimes you need to take a step back and evaluate. Here are some of the ones that we see most often.

Infographics

Disaster Recovery-How/Why Extends to Third Parties

4 key elements in every disaster recovery plan and why you should care about your third parties' disaster recovery preparedness.

Infographics

Oversight on a Contract Mortgage Underwriter

Considerations when you outsource to a contract underwriter, 3 tips in vendor oversight, Q's to consider when assessing contract underwriter risk.

Infographics

Reputation Risk and Your Company's Third Parties

How to mitigate reputation risk, the impact a vendor can have on your reputation, which vendors pose a reputational risk and 5 tactics to manage third party reputational risk.

Infographics

Preparing for Cybersecurity in 2017

How cybersecurity has become a focus for examiners, about satisfying regulators and protecting your future and more.

Podcasts

Enterprise Risk Management vs Vendor Management

We often get asked, "Is there a difference between an ERM and VM?" The answer is “YES” – they are different, but there are some areas of overlap as well. Learn about what some of the differences are.

Whitepapers

Guide on New Regulation OCC Bulletin 2017-7

Our analysis of OCC 2017-7 to learn key points to know about Bulletin 2017-7 and actions required to comply.

Infographics

SSAE 18 and Its Impact to Financial Institutions

What you need to know about SSAE 18, the difference between SSAE 16 and SSAE 18 and some key updates to SOC 1's.

Infographics

Business Continuity In Relationship to Your Third Parties

Do you know if they have appropriate measures in place and a plan of how to handle business impacting events with you?

Whitepapers

Writing An Effective Risk Assessment

How to write a well-written risk assessment - an essential part to fulfilling one of your obligations in the regulatory guidance on effective risk management.

Infographics

8 Reasons for a Third-Party Risk Budget

Why allocate budget to third-party risk management? It's a strategic advantage to your business. Learn more reasons now.

ROI

Infographics

Signs You May Need to Find a New Vendor

7 signs to look for when reviewing your vendor list to see if any of them are under-performing and steps to protect you if you spot one.

eBooks

Mini Vendor Management Handbook

Successful vendor risk management starts with knowing who your vendors are. Learn how to create, handle, manage and keep your vendor list and process current.

eBooks

Creating an Effective Contract Management System

Contract management best practices, summarizing key guidance expectations from reglators and common issues and consequences.

Infographics

Vendor Selection: The Process of Selecting Vendors

Step by step, you will want to check every box to ensure items such as risk, expected outcomes and regulatory requirements have all been properly addressed.

Infographics

The Vendor Management Umbrella: Part 4

The Procedures must be very detailed, often right down to the prescriptive steps of what screen to look at, what field to examine, what step to take next, etc.

Podcasts

Fourth Parties

So you're asking yourself right now, "What is a fourth party? I've just gotten my head around the whole concept of having third parties. And why are they important to my financial institution's vendor management program?" Let's discuss.

Infographics

The Vendor Management Umbrella: Part 3

When you’re examined, the Program will absolutely positively be essential. Examiners will look for consistency in form and in content.

Podcasts

When a Vendor Refuses to Provide Financials

When a third-party company doesn't provide financial documents we tend to think there's nothing we can do. But actually, there is and we'll show you that alternate path in this video.

Infographics

The Vendor Management Umbrella: Part 2

Your vendor management Policy is the playbook that auditors and examiners will expect you to follow. Get the Policy right and it will provide your financial institution all the right protection in weathering the storm.

Podcasts

3 Key Points to Review In SOC Reports

Learn the 3 key points to review in service organization control reports, SOC reports for short, as you begin assessing your vendor's environment. Meet examiner requests and gain strategic business advantages.

Infographics

The Vendor Management Umbrella: Part 1

Here's your starting point of our 4-part series that covers the 3 primary components essential to building an exam proof vendor management operation at your financial institution.

Podcasts

Why Is There So Much Focus On Third-Party Risk?

You have to do a lot for your third party risk management now... but why? We'll go through a few reasons for the increased third-party risk management regulation and concern.

Podcasts

Consequences of a Vendor's Poor Financial Performance

You report the vendor's financial health to senior management and board. What happens when the financial health is poor? We will go over the domino effect, the issue in the industry and what you can do about it.

Podcasts

Vendor Business Continuity and Disaster Recovery Plans

Ensuring your critical vendors can survive in disaster helps ensure your financial institution can also survive. Learn what Business Continuity & Disaster Recovery plans are & how our team reviews them.

Infographics

SLA's - the answer to poor financial performance

We've created a simple infographic to help you and your team understand why SLA's are so important in every agreement.

Infographics

Don't Be "Fooled" By Vendors Who Look Safe At First

To help you and your team avoid any misunderstandings, we've put together a list of 10 most common assumptions we've seen in the vendor management process.

Infographics

Navigating Your Vendor Management

To help you and your team, we've put together a simple infographic on 7 of the most common dangerous potholes that we have seen.

Samples

Free Vendor SOC Report Analysis & Review

Download a sample SOC analysis summary document that allows you to focus on the important components, including the set of controls that you control directly.

Infographics

A St. Patrick's Day Infographic - The Lucky Clovers

To join in the fun of St. Patricks Day every year, we've put together a simple infographic on the basic principles of a successful vendor management program.

Podcasts

FFIEC Cybersecurity Assessment Tool

The FFIEC released a Cybersecurity Assessment Tool. We'll go over in depth the benefits of it and why your financial institution should use it for your vendor management.

Infographics

Vendor Cybersecurity Risk - Do Due Diligence

Does your due diligence process include assessing your vendor's cybersecurity posture? Have you identified the risks and applied controls to mitigate the risk? And if something goes wrong, what happens next?

Samples

Free Vendor Cybersecurity Analysis

Download our sample Point-In-Time Cybersecurity Analysis and feel free to use it as a guide for doing your own assessments or contact us if outsourcing this type of work is right for you.

Infographics

Who is a Critical Vendor? - A High Level Guide

To help you and your team work through the process of labeling a vendor as critical, we've put together a high-level infographic for you to download.

Infographics

Vendor Love - Do I stay or do I go? - A Valentine

Love is in the air this Valentine's Day. But "love" may not be the word you would pick to describe the relationship you have with all of your vendors.

Podcasts

5 Types of Vendor SOC Reports

So, what are the types of service organization control (SOC) reports and which type of SOC report did your vendors have performed? To help keep track, we'll cover all 5 of them in this podcast.

cybersercurity, information security

Infographics

7 Key Components of a Good Vendor Management Program

As you know, vendor management is not an optional activity, it's required by regulation. Here are 7 key components that should be included in every vendor management program.

third-party risk management program

Podcasts

Your Vendors and Cloud Computing

The Cloud has many benefits, but there are risks you need to consider. Protecting your organization's data is ultimately your responsibility so you should know how your vendor safeguards it.

cybersecurity, information security

Infographics

Vendor Contract Considerations - Before You Sign

We firmly believe that if you follow a few basic steps before you enter a contract, you're unlikely to ever need to pull that contract out again during the term of the relationship.

contract management, contract negotiation

Samples

Free Vendor Contract Summary Review

Our comprehensive summary report detail each provision and notate those that are covered, and just as importantly, those that are missing and need to be addressed in the next revision.

contract management, contract negotiation

Podcasts

Evolution of Third-Party Risk

In this video we cover the evolution of third-party risk management and the regulatory expectations on financial institutions. This will be helpful to know as you expand your third-party risk knowledge.

regulatory compliance, guidance

Podcasts

Fit Third-Party Risk Management in ERM

Various components of vendor risk feed in to your ERM strategy and considerations. Learn steps and tips on how to properly integrate third-party risk management in your enterprise risk management program.

Podcasts

Prevention of Problems in Third-Party Risk

An ounce of prevention is worth a pound of cure! Perhaps there is no better example than in the third-party risk management. Here are 3 ways you can be proactive to prevent problems.

issue management, ongoing monitoring, oversight, due diligence

Podcasts

Importance of Complimentary User Entity Controls

Learn what Complimentary User Entity Controls are, how they're related to SOC reports, what you do with them, why they're important and more.

cybersecurity, information security

Samples

Free Cybersecurity Rating Analysis on a Core Vendor

What if you could see right now today exactly what vulnerabilities exist in your vendors' systems without asking a single question and without permission?

Samples

Free Business Continuity Plan Analysis

Download our sample vendor business continuity plan review and feel free to use it as a guide for doing your own or contact us if outsourcing this type of work is right for you.

bcp

Podcasts

How to Do a Mid-Year Third-Party Risk Management Progress Check

It is essential for the future success of your third-party risk management program to continue to make necessary updates. These 6 steps and best practices will help get you started.

due diligence, ongoing monitoring, oversight management

Podcasts

Learning the Fundamentals of Third-Party Risk Management

Learn the key takeaways from important third-party risk regulatory guidance released by the OCC, FDIC and FFIEC from our compliance expert.

regulatory guidance

Podcasts

Lifecycle Approach to Third-Party Risk Management

Third-party risk management must flow in a lifecycle. We'll discuss how it's a constant evolutionary process rather than an annual static event - a core aspect that you should incorporate into your program.

Podcasts

Security & Confidentiality Provisions Which Should Be Addressed

Even though each vendor agreement includes different contractual terms, 5 security and confidentiality provisions should always be addressed. Let's go through them.

cybersecurity, information security

Podcasts

FFIEC Appendix J and E

You should be familiar with Appendix J and Appendix E of the FFIEC guidance. We will go over what each of them are, what they mean and how your teams can stay informed on new vendor management guidance and regulations.

regulatory compliance, guidance

Podcasts

Defining Critical Vs. Non Critical Vendors

Do you know the difference between a critical and non critical vendor? Learn about defining them for your financial institution. We'll cover why it's important, the business impact, exit strategies and more.

risk assessment, rate risk

Podcasts

What's In the News Matters

Vendor management is covered a lot more in industry news now. It's hard to keep up, and sometimes tempting not to try. This video mentions recent examples of important items covered.

 

Right From the Blog

You can easily show popular or recent blog posts for a given tag/topic.

6 min read

December 2020 Vendor Management News

Can you believe it's already the end of the year? December is here, and with only a few weeks left of 2020, it's the...

4 min read

5 Vendor Exit Strategy Considerations

No one wants to go into any type of relationship already planning its potential end, but when it comes to business...

3 min read

What Is a Vendor Management Program?

When we say, “vendor management program,” what we really mean is a plan established to protect your organization from...

Love what you see?

Be the first to know when we add new videos, blog posts and more.