Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.



Preparing for Periodic Vendor Updates to the Board

CPE Credit Eligible

2018 is coming to a close.

Part of wrapping up 2018 should be to think about your process of reporting to the board. Whether it's your regularly scheduled, perhaps quarterly meeting, or whether it's your summarization of all activities for an annual board report, third-party risk management needs to be a part of the board's regular activities. Listen to our 5 recommendations to best prepare for periodic vendor updates to the board.

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg


Podcast Transcript

kelly-vick-headshot-circle-2018Welcome to this week’s Third Party Thursday! My name is Kelly Vick and I’m the President here at Venminder.

As you wrap up 2018, it’s a good idea to think about your process for reporting to the board. Whether it’s your regularly scheduled, perhaps quarterly meeting, or whether it’s your summation of all activities for an annual board report, third-party risk management needs to be a part of the board’s regular activities. 

It’s an ideal time to present processes that worked over the last year or maybe didn’t work and as a result need improvement and particularly changes related to risk with your most critical vendors. In addition, discussions around 2019 vendor risk management needs, wants, expectations and projections will likely occur. In today’s podcast we’re going to touch on our recommendations to best prepare for periodic vendor updates to the board.

We recommend the following: 

1. First, prepare proper reporting for the board’s review. Be sure the reporting is as comprehensive as needed but still easy-to-follow. The reporting package should also include pages that address things like:

  1. Overall status of assessing risk
  2. Upcoming or overdue due diligence
  3. Ongoing monitoring activities
  4. And upcoming updates or new guidance – a sure way to keep them informed and help validate any additional requests that you’re bringing to their attention

Generally speaking, you may want to devote an individual page to each pillar of third-party risk management, if you’re doing it in PowerPoint, and then accompany it with a more detailed narrative.

2. Have a list of any vendors you are currently vetting. With the new year approaching, it’s likely that your organization is considering and thoroughly vetting new products or services to assist with operations, or simply a new vendor to replace an existing vendor, and you’ll want to keep the board updated as these reviews progress. In particular, per OCC Bulletin 2013-29, you need to present any new critical vendors and receive their approval prior to contract execution.  Similarly, if there are vendors scheduled for notification and termination, be sure to include those as well.

3. Be prepared to share significant 2018 issues. Have a vendor who is consistently underperforming? Or, maybe a repeat audit finding in the vendor management program? Any issue that poses significant risk to your organization needs to be escalated to the board. Be prepared to address any staffing or technology related needs as well.

4. Be prepared to review and discuss your policy, program and procedures documentation. Do changes need to be made after reviewing what did or didn’t work in 2018? If so, as you head into the new year, it’s a good time to implement the changes. You’ll want to receive the board’s input as they will need to approve any risk-based policies governing the vendor risk management process.

5. Report of the overall status of the third-party risk management program and detail any concerns identified with vendors who have grown significantly riskier. The importance of documentation and appropriate board involvement becomes a key expectation – not only by examiners but also by the leadership of the organization.

Remember, the board’s goal is to ensure the processes in place effectively manage risk in a way that meets the organization’s strategic goals, organizational objectives and risk appetite, while protecting the organization, employees, shareholders and consumers. Working as a team and keeping the lines of communication open will benefit all parties.

Again, I’m Kelly Vick and thanks for tuning in. I hope you found my tips helpful. If you haven’t already done so, please subscribe to our Third Party Thursday series.


Subscribe to our Third Party Thursday Newsletter

Receive weekly third-party risk management news, resources and more to your inbox.


New Call-to-action

Ready to Get Started?

Schedule a personalized solution demonstration to see how Venminder can transform your vendor risk management processes.

Request a Demo