Due diligence and contract management are important pillars of your vendor's lifecycle and overall third party risk management program. Done well, they can protect your organization, customers, data and shareholders.
In your due diligence, you must be aware of the activities that should be considered, how criticality and risk of a vendor can influence how much due diligence you do, the various oversight items to consider and why it all is not just a “check the box” item.
Your vendor contracts should be in compliance with industry regulations and standards. A well-written contract is absolutely essential to helping protect your organization and customers.