Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.



6 State of Third-Party Risk Management Highlights for 2023

CPE Credit Eligible

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg

State of Third-Party Risk Management Highlights.

After conducting our State of Third-Party Risk Management Survey in November of last year, we've analyzed the results and found six highlights that you should pay close attention to this year.

You may also be interested in:


Podcast Transcript

Hi - this is Aaron Kirkpatrick with Venminder. 

In this podcast, you'll learn six highlights from the Venminder State of Third-Party Risk Management 2023 survey. 

Here at Venminder, our team of certified industry experts specialize in building effective third-party risk management programs to help your organization meet the rising challenges of today's third-party risks. 

The Venminder State of Third-Party Risk Management survey was released in 2022 to a variety of industries and organizations, including financial services, fintech, retail, healthcare, and more. Our survey also surveyed organizations of different sizes, ranging from less than $1 billion in assets or less than 100 employees to more than $10 billion in assets or more than 5,000 employees. The goal of this study was to keep you informed about current practices, challenges, compliance incentives, and third-party risk management benefits of the industry.

2022 highlighted the importance of third-party risk management domestically and abroad. Cyberattacks increased in record numbers, and the healthcare and financial services industries were particularly hard. Supply chains were disrupted by labor shortages and high fuel prices, while geopolitical events such as the Russian-Ukrainian war led to increased sanctions and new laws designed to protect human rights. 

Despite an already troubled economy, inflation rose to its highest level in 30 years. Due to these conditions and events, almost every industry and organization has been under increased pressure to identify, manage, and monitor new and emerging third-party risks. So, what does this mean for third-party risk management? 

Here are six highlights learned from the results of the Venminder State of Third-Party Risk Management 2023 Survey: 

  • First, when it comes to third-party risk management, 70% of respondents ranked cybersecurity as their top concern – which is hardly surprising. No industry is immune from cyberattacks and data breaches related to third-party vendors. So, organizations of all sizes must ensure that their third party's security controls and policies are strong enough to protect against malicious actors. According to our survey, cybersecurity awareness training, multi-factor authentication tools, and anti-malware solutions are being implemented in many organizations to mitigate cyber risks.
  • Second, vendor business continuity planning remains a priority. We learned that vendor business continuity planning rose to second place for new or emerging vendor risk concerns. Cyberattacks and breaches are often responsible for business disruption, which is likely why vendor business continuity planning concerns are rising. To help address this concern, review your vendors' business continuity plans and testing results to ensure they’re prepared to handle business disrupting events, including natural disasters, geopolitical conflicts, cyberattacks, and other potential business impacting events.
  • Third, third-party risk management program metrics are gaining traction, with 20% of respondents stating they have operational metrics and 16% stating they are developing metrics. Understanding your program's effectiveness is essential and confirming that third-party risk management’s foundational objectives are being met is equally important. Establishing third-party risk management program metrics is the best way to holistically evaluate and measure your program's health, stability, and effectiveness. 
  • Fourth, many respondents agree third-party risk management activities helped their organizations overcome supply chain disruptions. Almost half of those surveyed have begun to realize the benefits of third-party risk management, whether it reduces supply chain disruptions or lessens the impact of cyberattacks and data breaches.
  • Fifth, manual processes are out, and specialized third-party risk management software is in. Sixty-four percent (64%) of respondents reported using dedicated third-party risk management software or platforms. The shift to these specialized vendor risk management platforms makes sense as they have been specifically designed to address the various processes and complexities under the third-party risk management umbrella. 
  • Lastly, outsourcing is another viable but underutilized option to support third-party risk management teams. The lack of resources and bandwidth is a major problem for many third-party risk management programs. Yet, outsourcing remains an underutilized solution in these circumstances. Organizations can use outsourcing for various purposes, including conducting vendor risk reviews, collecting and organizing due diligence documentation, or supplementing their third-party risk management teams with contractors. While outsourcing makes sense for many organizations, be cautious about outsourcing your whole program. Auditors and examiners will hold your organization accountable for its third-party risk management practices whether you outsource or not, so maintaining some internal program management is essential.

So. what did we learn in 2022? As cybersecurity attacks and supply chain interruptions become more frequent and severe, third-party risk management appears to reduce the occurrence and severity of those threats. However, this requires organizations to stay vigilant, whether that is by implementing new cybersecurity controls or carefully reviewing vendor business continuity plans. Still, the high expectations for third-party risk management may not be realized if there aren't adequate resources for managing the risks. This is why third-party risk management software and services can help organizations drive efficiencies and effectiveness while creating bandwidth.

I hope you found this podcast insightful. Thanks for tuning in; catch you next time!


Subscribe to our Third Party Thursday Newsletter

Receive weekly third-party risk management news, resources, and more to your inbox.


New Call-to-action

Ready to Get Started?

Schedule a personalized solution demonstration to see how Venminder can transform your vendor risk management processes.

Request a Demo