What Is Ongoing Vendor Due Diligence?

Podcast Transcript

Hi – my name is Abbe with Venminder.  

In this 90-second podcast, we’re going to discuss ongoing vendor due diligence.   

At Venminder, we have a team of certified industry experts who specialize in ensuring all areas of third-party risk management are accounted for. This includes vendor due diligence, both initial due diligence and ongoing vendor monitoring!    

Vendor oversight, or ongoing monitoring, includes all the steps needed to continue to evaluate the risks a vendor poses to your organization. This means every task necessary within the entire vendor lifecycle to manage vendor risk. 

Here are just a few examples of critical items you’d include during ongoing vendor due diligence:    

• One, you’ll periodically reassess vendor risk to determine if there have been any changes to inherent risk or residual risk.
• Two, you’ll review your contract with each vendor to ensure compliance with SLAs and other contractual obligations. 
• Three, you’ll continue to monitor material changes in financial health, internal information security controls via a SOC audit review, their overall cybersecurity preparedness and other important due diligence.   
• Four, you’ll want to review any notes that you have from your lines of business on the vendor’s overall performance. 

While initial due diligence is a big job, ongoing monitoring of your vendors is the real meat and potatoes of any third-party risk management program. Periodically reassessing vendor risk, the contract, monitoring for changes in due diligence and reviewing performance are all critical to a successful partnership. We hope you found this podcast insightful. 

Thanks for tuning in; catch you next time!