Request Demo →
podcast

4 Tips for Building a Third-Party Risk Management Program

CPE Credit Eligible
 

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg

You may also be interested in:

Checklist: Third-Party Risk Management

eBook: Flight Path to Master Third-Party Risk Management

Podcast Transcript

Hi – this is John with Venminder.    
John Daugherty CIRCLE

In this 90-second podcast, we’ll review four tips that can help your organization build an effective third-party risk management program.

At Venminder, we have a team of industry experts who understand the best strategies needed to build a strong third-party risk management program.

As organizations become more reliant on third-party vendors to perform essential business activities, it’s important to understand and manage the risks these vendors can pose. After all, you can outsource a product or service, but you can’t outsource the risk!

The following four tips can help ensure that your program is built to run smoothly and efficiently:

First, set the tone from the top. By obtaining support from senior leadership and the board, the rest of your third-party risk management team will be more inclined to see the importance of the program and to perform the necessary duties.

Second, understand your vendor portfolio. Engage other departments such as accounts payable, compliance and information security to understand the scope of your vendor portfolio and different vendor categories. You’ll also need to identify those vendors that are critical to your operations.

Next, establish your governance documents. At a minimum, you’ll need a policy that sets the rules and guidelines for third-party risk management at your organization. As a best practice, you may also create a program document to show the roles and responsibilities as well as the high-level objectives and action steps for each process. And finally, the step-by-step procedures to help the employee complete each process.

Finally, advocate for sufficient resources. Ensure you have access to qualified internal or external subject matter experts who have the bandwidth to complete vendor assessments.

Remember that building a third-party risk management program is a worthy effort that’s necessary to protect your organization from a variety of vendor risks.

Hope you found this podcast insightful. Thanks for tuning in; catch you next time!  
38116-newsletter