Vendor Risk Management Policy Sample

The foundation of every good vendor risk management practice is a good vendor management policy. 

vendor management policy serviceYour Policy is your playbook that informs everyone in the organization of your plan to address third party risk. While there is no “one size fits all” when it comes to writing a good policy, we've put together a sample Policy that can help guide you in creating one of your own. 


  • It’s not an academic exercise:  It is absolutely essential for your Policy to be read, understood and approved by senior management and the board.

  • Who owns it: Your policy should identify WHO is responsible for vendor management

  • Stay current: When new guidance is released, you must pull that Policy out of the drawer and apply any new updates.

  • You’re not done yet: Accompanying your Policy document, your institution should create an extensive plan that goes into detail as to how this Policy will be put into place, through the creation of a Program document

T&C: This offer is only available to approved businesses serving the financial services industry. By completing the form you agree to keep this document confidential and to not share this report with anyone outside of your company. 

Download Now