(270) 506-5140 CONTACT US
Login
banner-bg.jpg

Subscribe for Third Party Thursday Newsletter

podcast-thumbnail-green-jpeg
Best Practices

7 Steps to Take When You Have a Vulnerable Vendor

You should be proactively taking steps to mitigate risks posed by potentially vulnerable vendors. This podcast covers seven steps you can take to ensure your organization is safe against vulnerable vendors.

podcast-thumbnail-purple-jpeg
Cyber Security

Understanding Vendor Cybersecurity Posture with the CIA Triad

There are three key components of information security that you should monitor when analyzing your vendor’s information security strength. Listen to this podcast to understand the CIA Triad.

podcast-thumbnail-pink-orange-jpeg
Financials

10 Quick Signs Your Vendor's Financial Performance Is Declining

Protect your organization by looking out for the 10 signs covered in this 90-second podcast that will indicate your vendor's financial performance is declining.

podcast-thumbnail-yellow-jpeg
Business Continuity

5 Vendor Pandemic Planning Takeaways Learned from COVID-19

To be better prepared for future pandemic related situations, use these 5 takeaways learned from COVID-19 to improve your third-party risk management procedures.

podcast-thumbnail-blue-jpeg
Regulations

What to Know About the FDIC Fintech and Third Parties Guide

There are specific requirements fintech companies and third parties must comply with if they're going to partner with a bank. Listen to this week's podcast to learn what you need to know about the FDIC guide for fintechs and third parties.

podcast-thumbnail-green-jpeg
best practices

3 Constant Requirements in the Vendor Lifecycle

There are 3 "behind the scenes" vendor lifecycle requirements that are constant and should be maintained throughout the entire vendor relationship. Listen to this week's 90-second podcast to learn more about what they are and why.

podcast-thumbnail-purple-jpeg
Exam prep

5 Next Steps After the Vendor Management Exam Concludes

While preparing for a vendor management exam is a crucial step in the process, how you follow-up after the exam is equally as important. Listen to this podcast that will cover the 5 next steps you should be taking after a vendor management exam concludes.

podcast-thumbnail-pink-orange-jpeg
Best Practices

4 Ways to Optimize Ongoing Vendor Oversight

By periodically conducting due diligence, you will be able to ensure your vendors are still meeting your organization’s needs. This 90-second podcast covers 4 tips that will help get you started.

podcast-thumbnail-yellow-jpeg
Best Practices

Overview of the 7 Pillars of Vendor Management

Regulatory guidance sets out fundamental expectations. It’s important from the management and exam standpoint that these pillars are in place. Learn more in this podcast.

podcast-thumbnail-blue-jpeg
Financials

4 Underlying Reasons Why Vendor Financial Reviews Are Critical

Does your organization understand your vendor’s financial viability and performance? Here are 4 reasons why your vendor’s financial performance is crucial for you to report on.

podcast-thumbnail-green-jpeg
Best Practices

4 Tips to Help Make Vendor Management a Priority

Vendor risk management is important to meet regulatory guidelines. Listen to this podcast for 4 tips to help you make third-party risk a key priority in your organization.

podcast-thumbnail-purple-jpeg
Risk Assessment

Who, What and Why of a Vendor Risk Appetite Statement?

Do you need help determining what your vendor risk appetite is? This podcast answers common questions you may have when it comes to determining your organization’s risk appetite.

podcast-thumbnail-pink-orange-jpeg
Best Practices

6 Tips for a Strong Vendor Management Program

Your vendor management program should be specific and unique to your organization’s needs. Listen to the 6 best practices covered in this podcast for creating a third-party risk program.

podcast-thumbnail-yellow-jpeg
Due Diligence

Understanding Initial Vendor Due Diligence

This podcast breaks down what initial vendor due diligence is and why your organization should incorporate it into your vendor management program.

podcast-thumbnail-blue-jpeg
Best Practices

The 6 Primary Categories of Vendor Risk

Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.

podcast-thumbnail-green-jpeg
Best Practices

4 Similar Yet Different Vendor Management Concepts

Each vendor management concept brings varying components to an organization’s overall structure. Listen to this podcast to dive deeper into each concept.

podcast-thumbnail-purple-jpeg
Contracts

5 Next Steps to Address Repeat Vendor SLA Failures

When your vendor fails to meet the SLA requirements outlined in your contract, it can have negative consequences. Listen to this podcast for next steps.

podcast-thumbnail-pink-orange-jpeg
Best Practices

7 Steps to Take If It’s Time for a New Vendor in 2020

If your vendor isn't meeting your organization’s needs, it may be time to start searching for a new vendor. Listen to this podcast for steps to help you with the process.

podcast-thumbnail-yellow-jpeg
Best Practices

4 Big Third Party Risk Management Updates from 2019

Use the third party risk lessons and guidance learned this year to help your organization be even more successful with vendor management in 2020.

podcast-thumbnail-blue-jpeg
Due Diligence

4 Best Practices to Improve Your Vendor Due Diligence Strategy

Listen to this 90-second podcast to hear our four third party risk expert tips to help you when improving your vendor due diligence strategy.

podcast-thumbnail-green-jpeg
Best Practices

5 Best Practices of Successful Vendor Risk Assessments

One of the most crucial aspects of vendor management is performing a third party risk assessment. Use these 5 practices to help get started.

podcast-thumbnail-green-jpeg
Best Practices

8 Best Practices for Creating or Updating Your Vendor Management Program Documentation

Whether you’re creating your program for the first time, or revising it, here are 8 best practices.

podcast-thumbnail-purple-jpeg
Best Practices

Why Vendor Complaints Matter and Why You Should Care

You need to also monitor your vendor's complaints as a critical part of third party risk management. Listen to this podcast for more information.

podcast-thumbnail-pink-orange-jpeg
Best Practices

8 Benefits of Vendor Risk Management

There are many benefits of vendor risk management. Understand why vendor risk is important and how to use these steps in your organization by listening to this podcast.

podcast-thumbnail-yellow-jpeg
Budget

5 Tips for Budget Planning in Third Party Risk Management

Budget season is upon us! Prepare yourself and your organization by planning ahead now for third party risk. Listen to this podcast for more information.

podcast-thumbnail-blue-jpeg
Cyber Security

Is Your Vendor's Cybersecurity Your Weak Link? Avoid the Horror

You can start to better understanding of what specific items you need to look for in your vendor’s cybersecurity plan with this 90-second podcast.

podcast-thumbnail-green-jpeg
Cyber Security

6 Best Practices for Managing Third Party Cybersecurity Risk

Take steps to protect your organization from vendor cybersecurity risk. Listen to this podcast for 6 steps to manage third party cybersecurity risk.

podcast-thumbnail-purple-jpeg
Business Continuity

11 Items to Look for in Your Critical Vendor’s Business Continuity Plan

There will be business events that occur with your vendor that can impact your organization. Listen to this 90-second podcast to learn 11 items to look for in business continuity plans.

podcast-thumbnail-pink-orange-jpeg
Best Practices

10 Ways to Improve Your Third Party Risk Management Program

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can take to improve your third party risk program.

podcast-thumbnail-yellow-jpeg
SOC Reports

7 Steps to Take After Receiving a Vendor SOC Report

An key step in the due diligence process is to review your vendor’s SOC report. There are steps you can take to make the process more efficient when reviewing a SOC report. Listen to this week’s podcast to find out 7 steps to take.

podcast-thumbnail-blue-jpeg
Best Practices

5 Ways to Prevent Problems in Third Party Risk

The constant shift can lead to occasional problems in third party risk management. If you take the time to manage the process correctly and implement specific procedures, it could help you avoid costly errors down the line. 

podcast-thumbnail-green-jpeg
Exam Prep

8 Steps to Prepare for a Third Party Risk Management Examination or Audit

Prepping for an audit is stressful, especially if you're scrambling last minute to finish vendor management tasks. In this 90-second podcast, learn 8 steps to help you prepare in advance.

podcast-thumbnail-purple-jpeg
Best Practices

3 Reasons to Keep Your Third Party Risk Management Program Independent

In this 90-second podcast, we cover the three most important reasons why you need to keep third party risk workflows separate from other business processes.

podcast-thumbnail-pink-orange-jpeg
Risk Assessment

How to Determine Vendor Regulatory Risk

Regulatory risk is used to determine the vendor relationship’s risk rating . Listen to this 90-second podcast to learn more about the categories of regulatory risk and how you can determine your vendors' regulatory risk.

podcast-thumbnail-yellow-jpeg
Best Practices

5 Mid-2019 Tips to Be Proactive in Vendor Management

With 2019 well underway, we decided to put together some tips to help you and your organization stay proactive in vendor risk management. This 90-second podcast will give you a quick refresher on third party risk best practices.

podcast-thumbnail-blue-jpeg
Best Practices

Developing an Effective Complaint Management System for Vendor Management

How your organization manages and responds to complaints has become critical. It also will help spot issues with vendors. Here are some tips to help you develop an effective complaint management system.

podcast-thumbnail-green-jpeg
Financials

5 Steps to Measuring Your Vendor’s Financial Health in 90 Seconds

Evaluating a vendor’s performance is more than just about the numbers. It can help you discover weak financials which can indicate numerous risk factors. Here are 5 steps to get started.

podcast-thumbnail-purple-jpeg
Best Practices

8 Tips on Maintaining Good Vendor Relationships in 90 Seconds

Maintaining strong vendor management relationships will help lead to a successful partnership for your organization. In today’s podcast, we’ll cover 8 important tips to maintain good vendor relationships in 90 seconds.

podcast-thumbnail-pink-orange-jpeg
Risk Assessment

Do I Have to Risk Rate Every Vendor? in 90 Seconds

In this 90-second podcast, we will cover the steps you need to take to determine the vendors that need to be included in your vendor oversight and how to best assess risk.

podcast-thumbnail-yellow-jpeg
Regulations

Your Third Parties - Potential UDAAP Risk in 90 Seconds

UDAAP has presented some concern to third party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.

podcast-thumbnail-blue-jpeg
Contracts

6 Vendor Contract Management Best Practices in 90 Seconds

Listen to this podcast to learn about vendor contract management from our experts, the importance of contracts to your organization and what steps you should take to protect your institution.

podcast-thumbnail-green-jpeg
Best Practices

Fourth Party Vendor Risk Management

Fourth party risk is an important step in the vendor management process and should be incorporated in your overall strategy. Here are some specific steps you can take with fourth party risk management that will help be more prepared and protect your organization.

podcast-thumbnail-purple-jpeg
Financials

5 Steps to Measuring Your Vendor’s Financial Health

Thoroughly evaluating a vendor’s performance is more than just about the numbers. It can help you discover weak financials which can indicate numerous risk factors. Listen to this podcast for 5 important steps that you can take to measure your vendor's financial health.

podcast-thumbnail-pink-orange-jpeg
Contracts

6 Vendor Contract Management Best Practices

Listen to this 90-second podcast to learn from our Venminder's experts about vendor contract management. In this podcast we will walk you through the importance of contracts and what steps you need to take to safeguard your organization.

podcast-thumbnail-yellow-jpeg
Risk Assessment

Do I Have to Risk Rate Every Vendor?

Sometimes a vendor may not pose enough risk to an organization to make it needed to actively monitor. In this 90-second podcast, we will cover the specific steps you should take in order to determine the vendors that need to be included in your vendor oversight.

podcast-thumbnail-blue-jpeg
Best Practices

8 Tips On Maintaining Good Vendor Relationships

Maintaining strong vendor management relationships will help lead to an even more successful partnership for your organization. In this Third Party Thursday 90 second podcast, we’ll cover 8 important tips to maintain good vendor relationships.

podcast-thumbnail-green-jpeg
Regulations

Your Third Parties - Potential UDAAP Risk

One of the primary points of focus for the Consumer Financial Protection Bureau (CFPB), UDAAP has presented some concern to third party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.

podcast-thumbnail-purple-jpeg
Best Practices

7 Reasons Why You Shouldn't Use Spreadsheets for Vendor Risk Management

With the increase in regulations and vendor oversight requirements, managing your vendors with a spreadsheet will prove to be very inefficient. Here are 7 reasons why spreadsheets will not cut it anymore, especially in 2019.

podcast-thumbnail-pink-orange-jpeg
Best Practices

4 Important Vendor Risk Management FAQs for Beginners

In this podcast we’re going to discuss 4 important vendor risk management frequently asked questions for beginners to help get you started. The questions like: what vendor risk management is, why it’s important, who is involved and how vendor risk is completed.

podcast-thumbnail-yellow-jpeg
Best Practices

5 Quick Tips for Developing a Vendor Risk Assessment Template

We'll cover tips for developing a vendor risk assessment template, also referred to as a VRA questionnaire. These are important while assessing how much risk your vendor presents to you. Check out our 5 recommendations.

podcast-thumbnail-blue-jpeg
Best Practices

How to Write a Vendor Management Policy

When getting started in vendor management, there are three unique sets of documents that you're going to want to create and update. The first document that you should focus on writing is your third party risk policy. In today's podcast, we're going to walk you through six specific steps to take in order to write an effective policy.

podcast-thumbnail-green-jpeg
Best Practices

5 Best Practices of Hiring Vendor Management Staff for 2019

Are you looking to expand your vendor management team in 2019? There are certain steps you can take in order to find the best and most effective team your organization. In this podcast, we discuss 5 recommendations to recruit potential vendor management team candidates.  

podcast-thumbnail-purple-jpeg
Best Practices

7 Attributes of Good Vendor Managers to Continue in 2019

Vendor risk management is a complex job. It typically takes an individual who is meticulous in detail, thorough and patient to perform the job well. In today’s podcast, we’ll wrap up the 2018 year and touch on some key attributes we’ve found in good vendor managers that should be continued in the new year.

podcast-thumbnail-pink-orange-jpeg
Best Practices

Top 7 Best Practices in Vendor Management from 2018

Since we’re nearing the end of the year, it’s a good time to reflect on 2018 and some of the vendor risk management best practices we’ve found to be helpful. Let’s cover 7 of the 2018 best practices that you should continue into the new year. They range from engaging the first line of defense through continuing education.

podcast-thumbnail-yellow-jpeg
Best Practices

Quick Tips for Developing Your Third Party Policy, Program and Procedures

A well-developed policy, program and procedure documents are all crucial to the success of an organization’s third party risk management department. Listen for some quick tips to help you develop, or revamp, your third party policy, program and procedures.

Podcast 3
SOC Reports

What Is the Difference Between a Vendor SOC 1 and SOC 2 Report

The several kinds of SOC reports differ based on what they cover, how the auditor performs the assessment and what level of detail the reports include. This way, the vendor can avoid each client performing their own audit of the vendor's system. Learn the differences between a vendor SOC 1 and SOC 2 report and Type 1 and Type 2.

podcast-thumbnail-green-jpeg
Budget

11 Reasons for a Third Party Risk Management Budget in 2019

Yes, third party risk management an expense, but it's also a strategic advantage and the best way to defend your company when risk is posed. In this podcast, we'll go through 11 reasons to consider your third party risk management department/program when budgeting for the upcoming year.

podcast-thumbnail-purple-jpeg
Contracts

Budgeting for 2019: 5 Vendor Contract Considerations

When budgeting for the upcoming year, it's a best practice to consider the costs associated with negotiating key contract terms and pricing within your third party risk management program. Listen as Venminder CFO, Mike Campbell, covers 5 vendor contract considerations for your 2019 budget.

podcast-thumbnail-pink-orange-jpeg
Regulations

Vendor Risk Management and FFIEC Appendix J

How FFIEC’s Appendix J relates to your vendor risk management program, four key elements of business continuity planning that you should address when contracting with a third party service provider, recommendations to best incorporate it into your vendor risk management program.

podcast-thumbnail-yellow-jpeg
Best Practices

5 Third Party Risk Management Best Practices for a Fintech Provider

Allow your clients to feel much more at ease when selecting you as their preferred vendor of choice to continue doing business with - follow these 5 best practices now for a well-developed and organized third party risk management process.

vendor due diligence
Due Diligence

The Importance of Vendor Due Diligence

Vendor vetting and ongoing monitoring are both important stages of the vendor lifecycle and due diligence process, but, why exactly is due diligence so important for vendor risk management? Listen to our third party risk management podcast now to learn the top 5 reasons.

podcast-thumbnail-green-jpeg
Cyber Security

4 Best Practices to Take Away During a Breach

We all hope to never experience a breach at our organization, but if it does happen, do you know what to do? You can minimize the chance of it happening again by using those mistakes to improve your third party risk management program. Listen to Third Party Thursday now for 4 best practices.

podcast-thumbnail-purple-jpeg
Best Practices

6 Tips to Balance Third Party Risk Management Tasks

We know third party risk management is associated with a great deal of tasks and a large workload, so here are 6 tips that can provide some relief. Once you've established balance, you will feel much more confident, and at ease, about your overall third party risk management program. Listen now.

podcast-thumbnail-pink-orange-jpeg
Risk Assessment

How to Do a Vendor Risk Assessment

Listen to this third party risk management podcast where we take into consideration regulatory guidance OCC Bulletins 2013-29 and 2017-7 and FDIC Letter 44-2008 to help guide you through the vendor risk assessment process. Learn how to complete a vendor risk assessment, steps and tips.

podcast-thumbnail-yellow-jpeg
Best Practices

Improving the Process & Documenting a Mid-Year TPRM Progress Check

You've gone through the 6 steps and best practices for a mid-year third party risk management progress check, so now what? Listen to learn the next steps to take, how to document your findings and how to improve upon the process as a whole.

third party risk management best practices
Best Practices

How to Do a Mid-Year Third Party Risk Management Progress Check

Gain a better understanding of how to perform a well-detailed check on your third party risk management program and policies to determine the progress you've made. It is essential for the future success of your program to continue to make necessary updates. These 6 steps and best practices will help get you started. 

podcast-thumbnail-green-jpeg
Business Continuity

Fundamentals of BCP within Vendor Management

Business continuity planning (BCP) is important to you and your vendors. Listen as we guide you through the appropriate regulatory guidance to follow, what to plan for, what to restore first and how to recover.

podcast-thumbnail-purple-jpeg
Exam Prep

9 Tips to Prepare for a Third Party Risk Examination

For a smooth third party risk examination, 3-4 months in advance of the examiners’ arrival you should prepare or fine-tune these 9 documentation items. We'll tell you what they are and some tips.

podcast-thumbnail-pink-orange-jpeg
SOC Reports

Understanding your Vendors SOC Report - The Basics

What is a SOC report? It's an audit report performed by a public accounting firm and attests to the existence & effectiveness of the controls put in place to safeguard your data. Listen as we break down 6 important parts.

podcast-thumbnail-yellow-jpeg
Best Practices

7 First Line of Defense Best Practices

The first line of vendor risk management defense has direct interaction on a day-to-day basis with your third party. Listen to our podcast for 7 best practices for properly engaging the first line of defense.

fourth party vendor oversight monitoring
Best Practices

Fourth Party Vendor Monitoring

Fourth party risk and liability is often overlooked because there isn't direct relationship with the fourth party vendor. Listen now for the 3 oversight steps to take regarding your fourth party vendors.

podcast-thumbnail-green-jpeg
Best Practices

The 3 Vendor Risk Management Frameworks

There are three vendor risk management frameworks to consider: centralized, decentralized and a hybrid approach. We'll teach you the differences and guide you toward the best framework for you.

podcast-thumbnail-purple-jpeg
Risk Assessment

Criticality and Vendor Oversight

When determining your level of oversight on a vendor, you’ll clearly want to determine their criticality and risk level first. Listen to this podcast to help guide you through the process.

podcast-thumbnail-pink-orange-jpeg
Responsibilities

Non-Elective Vendor Oversight Responsibility

A non-elective vendor is one you don't have a direct relationship with, but your third party does - making them a risk to you and therefore requiring some oversight. Listen to learn the associated responsibilities.

podcast-thumbnail-yellow-jpeg
Best Practices

Fit Third Party Risk Management in ERM

Various components of vendor risk feed in to your ERM strategy and considerations. Learn steps and tips on how to properly integrate Third Party Risk Management in your Enterprise Risk Management Program.

General Data Protection Regulation gdpr
Regulations

How GDPR Impacts Third Party Risk Management

While the General Data Protection Regulation (GDPR) has a global impact on any company which is collecting, storing, or accessing European resident data. Listen to Third Party Thursday to learn what you need to know.

podcast-thumbnail-green-jpeg
Best Practices

Erm vs. TPRM

Enterprise Risk Management (ERM) and Third Party Risk Management (TPRM) are are often used interchangeably, but they are two different functions. ERM is more high level, while TPRM is a smaller subset. Listen to learn more.

podcast-thumbnail-purple-jpeg
Best Practices

Third Party RIsk Management Staffing

Recommendations from a seasoned third party risk expert for how to determine how many staff members to have on your vendor management team. Follow our three tips in this podcast.

podcast-thumbnail-pink-orange-jpeg
Contracts

5 Common Pitfalls in Vendor Contracts

Save time, money and other valuable resources by learning mistakes companies make with their vendor contracts. Listen to see how you can avoid some common pitfalls during all phases of the vendor lifecycle.

podcast-thumbnail-yellow-jpeg
Best Practices

Creating Awareness of Third Party Risk Mgmt

Tips for fostering a third party risk mindset within your organization - how to create awareness, important members of your company to involve & who the third party risk responsibility lies within every organization.

third party risk management plan best practices
Best Practices

9 Key Components to a Successful TPR Mgmt Plan

What makes a third party risk management plan successful? Listen to learn 9 best practices and key components of a well-managed third party risk management plan for you to implement now.

podcast-thumbnail-green-jpeg
Responsibilities

Consumer Complaints and Vendor Management

Learn how a well-run complaint management system (cms) can turn an upset customer into your best customer along with five elements to include your vendor management policy on complaint management.

podcast-thumbnail-purple-jpeg
Regulations

TPR Management Regulatory Compliance during Regulatory Change

Here are daily vendor management regulatory compliance efforts you can implement in order to keep up with third party risk regulatory reform.

podcast-thumbnail-pink-orange-jpeg
Regulations

UDAAP And What It Means to Your TPRM Program

What you need to know about UDAAP (Unfair, Deceptive or Abusive Acts or Practices), how they affect your third party risk management program and items the CFPB is highly critical of.

podcast-thumbnail-yellow-jpeg
Due Diligence

Due Diligence on Your Fintech Vendors

Tips and recommendations for determining due diligence questions to ask your fintech vendors. We'll also provide insight into setting the standards that should firmly be expected.

critical vendor classification
Risk Assessment

How To Properly Identify Your Critical Vendors

Go through critical vendor classification and identification with us. Learn standards for identifying your vendors, how to properly identify your scope and 3 questions to ask to determine if a vendor is critical.

podcast-thumbnail-green-jpeg
Best Practices

Third Party Risk Management Year End 2017

Join us as we close out 2017 with this thank you vendor management podcast. And, see what our top 10 most popular videos and podcasts were from our Third Party Thursday series for this year.

podcast-thumbnail-purple-jpeg
Regulations

Why to Stay Abreast of New Vendor Management Regulatory Guidance

The best way to prepare for new regulatory guidance, how to stay in compliance and some commentary on new regulations taking effect in 2018.

podcast-thumbnail-pink-orange-jpeg
Risk Assessment

Vendor Classification

Learn about 'bucketing your vendors' - a high level vendor classification system that can help you with third party oversight, ongoing monitoring and preventing problems down the road. We'll also tell you how to develop buckets of your own.

podcast-thumbnail-yellow-jpeg
Responsibilities

Complaint Management System

What to include in your complaint policy and complaint management system to improve vendor management. A well-run system can turn upset customers.

podcast-thumbnail-blue-jpeg
Exam Prep

What Should Be In your Third Party Risk Examination Preparation Handbook

The best strategy for preparing for an examination is to constantly be ready. Listen to learn 7 items you should have in your examination preparation playbook.

podcast-thumbnail-green-jpeg
Best Practices

Learning the Fundamentals of Third Party Risk Management

Learn the key takeaways from important third party risk regulatory guidance released by the OCC, FDIC and FFIEC from our compliance expert. 

vendor management best practices
Bank Vendor Managment

Third Party Risk Management Education

Learn how to get ahead of the game education wise in third party risk management with these 10 best practices. Staying up to date is a great idea for everyone involved in vendor management. 

podcast-thumbnail-pink-orange-jpeg
Best Practices

Prevention of Problems in Third Party Risk

An ounce of prevention is worth a pound of cure! Perhaps there is no better example than in the world of third party risk management. Here are three ways you can be proactive to prevent problems. 

third party risk enforcement actions
Best Practices

Learning From Third Party Enforcement Actions

Let's say you find out one of your third parties is named in an enforcement action, even if it is unrelated to your institution, what do you do? Listen to learn the six necessary steps to take.

compliance management system
Best Practices

Creating a Culture of Compliance for Vendor Management

Learn what regulators & senior gov officials in financial services had to say on creating a culture of compliance, why they strongly recommend it and what this entails.

podcast-thumbnail-green-jpeg
Reporting

Vendor Management Board Reporting

The regulator guidance is clear - you must keep your senior management and your board informed on developments within your third party risk management program. Learn what this looks like.

podcast-thumbnail-purple-jpeg
Regulations

UDAAP - Unfair, Deceptive or Abusive Acts or Practices

Learn about UDAAP - Unfair, Deceptive or Abusive Acts or Practices and the role of the CFPB and enforcement actions in the world of third party risk by listening to this informative podcast.

podcast-thumbnail-pink-orange-jpeg
Due Diligence

Brand Names and Vendor Due Diligence

Sometimes people feel too comfortable with a well-known vendor. We cover why even vendors with recognizable brand names require thorough due diligence. No one is immune from third party risk.

podcast-thumbnail-yellow-jpeg
Regulations

Guidance on OCC Bulletins 2017-7 and 2017-21

Learn key takeaways from two OCC Bulletins issued this year on third party risk management - OCC Bulletins 2017-7 and 2017-21. Is your institution's vendor management program in compliance?

podcast-thumbnail-blue-jpeg
Third Party Risk Management

The Basic Concepts of Third Party Risk Management Framework

Listen to learn the basics of the third party risk management framework, including how it relates to enterprise risk management (ERM).

podcast-thumbnail-green-jpeg
Vendor Contract Management

Best Practices in Vendor Contract Management

Learn how to do proper vendor contract management. We'll provide best practices, the importance of contracts to your institution and what steps to take to protect your institution from contract risk.

podcast-thumbnail-purple-jpeg
Best Practices

7 Vendor Risk Attributes To Consider

Learn 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.

podcast-thumbnail-pink-orange-jpeg
Information Security

How, When and Why to Use an InfoSec Questionnaire

Learn the how, when and why of using vendor information security questionnaires for your third party risk management and how your due diligence process can benefit from it.

podcast-thumbnail-yellow-jpeg
Information Security

CIA Triad Within Vendor Management

In this podcast, you'll learn how your vendor's approach to the CIA triad of information security impacts you and your customers. Being aware will help you against third party risk.

podcast-thumbnail-blue-jpeg
vendor due diligence

Third Party Due Diligence

In this short vendor management video, you will learn four key points you need to know regarding third party due diligence and what items your due diligence checklist should contain to keep your institution safe from third party risk. 

vendor soc reports
SOC Reports

Understanding Vendor SOC Scope, Time and Narrative

Learn what the scope of a vendor's SOC report means and where to find it along with what typical audit periods are and a few questions to ask yourself while reviewing the narrative.

7 Steps of Vendor Vetting Vendor Management Video
Due Diligence

7 Steps of Vendor Vetting

Learn the 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.

podcast-thumbnail-pink-orange-jpeg
SOC Reports

Analyzing SOC Controls

In this vendor management video, you will learn where to find the controls section within a vendor SOC report along with what the control objectives and activities are and what to look out for in the findings and exceptions.

podcast-thumbnail-yellow-jpeg
Best Practices

Critical Vendors: What to Review

We cover the key questions you need to ask yourself to determine if your vendors are critical. Then, we dive deeper and talk about what you should review on your critical risk vendors.

podcast-thumbnail-blue-jpeg
SOC Reports

What is SSAE 18?

As of Monday, May 1, SSAE 18 is now in effect. Are you familiar with SSAE 18 yet? Join us now as we talk about SSAE 18 - what it is and how it affects how you do vendor management at your institution. Let's get started.

podcast-thumbnail-green-jpeg
Risk Assessment

Vendor Management Risk Assessments

We’re going to talk through a few key things you need to know about vendor management risk assessments for your institution's third party risk management program. 

10 steps to create your vendor list
Best Practices

10 Steps to Creating Your Vendor List

We’re going to talk through the 10 main steps you need to take to create your proper vendor list for your third party risk management program at your institution. Let's get started.

podcast-thumbnail-pink-orange-jpeg
Best Practices

10 Common Vendor Management Errors

It’s easy to get so deep in the weeds of your vendor management program that you make some pretty basic errors. Sometimes you need to take a step back and evaluate. Here are some of the ones that we see most often.

podcast-thumbnail-yellow-jpeg
Responsibilities

3 Lines of Vendor Management Defense

You may have heard the term “three lines of defense”. But, what is a three lines of defense strategy? We'll go through those three lines of defense you have for vendor management at your financial institution.

podcast-thumbnail-blue-jpeg
Best Practices

Enterprise Risk Management vs Vendor Management

We often get asked, "Is there a difference between an ERM and VM?" The answer is “YES” – they are different, but there are some areas of overlap as well. Learn about what some of the differences are.

podcast-thumbnail-green-jpeg
Best Practices

Lifecycle Approach to Third Party Risk Management

Third party risk management must flow in a lifecycle. We'll discuss how it's a constant evolutionary process rather than an annual static event - a core aspect that you should incorporate into your program.

podcast-thumbnail-purple-jpeg
Best Practices

Fundamental Third Party Risk Management Best Practices

We'll discuss fundamental best practices of third party risk management that you need to implement such as education, tailored ongoing monitoring, outsourcing and not cutting corners.

podcast-thumbnail-pink-orange-jpeg
Best Practices

Why Is There So Much Focus On Third Party Risk?

You have to do a lot for your third party risk management now... but why? We'll go through a few reasons for the increased third party risk management regulation and concern. 

podcast-thumbnail-yellow-jpeg
Best Practices

How to Write a Third Party Policy

A policy is the first main foundational third party risk management document you should have on file. Learn about key aspects in writing a proper third party policy for your financial institution.

podcast-thumbnail-blue-jpeg
Cybersecurity

FFIEC Cybersecurity Assessment Tool

The FFIEC released a Cybersecurity Assessment Tool. We'll go over in depth the benefits of it and why your financial institution should use it for your vendor management. 

Third-Party-Thursday-Video-contract-confidentiality.png
Contracts

Security & Confidentiality Provisions Which Should Be Addressed

Even though each vendor agreement includes different contractual terms, 5 security and confidentiality provisions should always be addressed. Let's go through them.

podcast-thumbnail-purple-jpeg
Financials

When a Vendor Refuses to Provide Financials

When a third party company doesn't provide financial documents we tend to think there's nothing we can do. But actually, there is and we'll show you that alternate path in this video.

podcast-thumbnail-pink-orange-jpeg
SOC Reports

Importance of Complimentary User Entity Controls

Learn what Complimentary User Entity Controls are, how they're related to SOC reports, what you do with them, why they're important and more.

podcast-thumbnail-yellow-jpeg
Contracts

Mitigating Vendor Contract Risk

In order to have vendor management control, you must have a firm understanding or knowledge of third party vendor contracts. Learn the 3 pillars in managing them and other points about mitigating contract risk.  

podcast-thumbnail-blue-jpeg
SOC Reports

5 Types of Vendor SOC Reports

So, what are the types of service organization control (SOC) reports and which type of SOC report did your vendors have performed? It can be confusing to keep track of them. To help, we'll briefly go through all 5 of them in this video.

podcast-thumbnail-green-jpeg
Due Diligence

Fourth Parties

So you're asking yourself right now, "What is a fourth party? I've just gotten my head around the whole concept of having third parties. And why are they important to my financial institution's vendor management program?" Let's discuss.

podcast-thumbnail-purple-jpeg
Information Security

Your Vendors and Cloud Computing

The Cloud has many benefits, but like everything, there are risks you need to consider. Protecting your institution’s data is ultimately your responsibility so you should know how your vendor safeguards it.

podcast-thumbnail-pink-orange-jpeg
Regulations

Evolution of Third Party Risk

In this video we’re going to talk a little about the evolution of third party risk management and the increased regulatory expectations on financial institutions. This will be helpful to know as you expand your third party risk knowledge.

podcast-thumbnail-yellow-jpeg
Business Continuity

Vendor Business Continuity and Disaster Recovery Plans

Ensuring your critical vendors can survive in disaster helps ensure your financial institution can also survive. Learn what Business Continuity & Disaster Recovery plans are & how our team reviews them. 

podcast-thumbnail-blue-jpeg
SOC Reports

3 Key Points to Review In SOC Reports

Learn the 3 key points to review in service organization control reports, SOC reports for short, as you begin assessing your vendor's environment. Meet examiner requests and gain strategic business advantages.

podcast-thumbnail-green-jpeg
Contracts

5 Key Provisions to look for in your Critical Vendor Contracts

When reviewing and negotiating critical vendor contracts, consider many elements. Here's 5 key provisions to give special attention.

podcast-thumbnail-purple-jpeg
Financials

Consequences of a Vendor's Poor Financial Performance

You report the vendor's financial health to senior management and board. What happens when the financial health is poor? We will go over the domino effect, the issue in the industry and what you can do about it.

podcast-thumbnail-pink-orange-jpeg
Regulations

FFIEC Appendix J and E

You should be familiar with Appendix J and Appendix E of the FFIEC guidance. We will go over what each of them are, what they mean and how your teams can stay informed on new vendor management guidance and regulations.

podcast-thumbnail-yellow-jpeg
Due Diligence

Defining Critical Vs. Non Critical Vendors

Do you know the difference between a critical and non critical vendor? Learn about defining them for your financial institution. We'll cover why it's important, the business impact, exit strategies and more.

podcast-thumbnail-blue-jpeg
Best Practices

Defining the Scope of your Third Party Risk Management Program

You must define specifically who will be a part of your third party risk management program and also, equally important, who is out

podcast-thumbnail-green-jpeg
Best Practices

What you can do now to prepare for 2017

So, what can you do right now in preparation for next year? There’s actually quite a lot, depending on the maturity of your third party program. Watch this video to learn what you can do now to prepare for 2017.

podcast-thumbnail-purple-jpeg
Best Practices

Best Practices in Vendor Management

With all the vendor management industry changes and guidance updates, it's easy to get overwhelmed. In this video, we will talk about basic vendor management best practices to implement.

podcast-thumbnail-pink-orange-jpeg
Cybersecurity

What's In the News Matters

Vendor management is covered a lot more in industry news now. It's hard to keep up, and sometimes tempting not to try. This video mentions recent examples of important items covered.