Request Demo →
podcast

Who, What and Why of a Vendor Risk Appetite Statement

CPE Credit Eligible

Do you need help determining what your vendor risk appetite is?

This podcast breaks down some of the common questions you may have when it comes to determining your organization’s risk appetite.

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg

You may also be interested in:

Infographic: How to Rate Your Vendor's Regulatory Risk Level

eBook: Mini Vendor Risk Assessment Guidebook & Best Practices

 

Podcast Transcript

Hi – my name is Abbe with Venminder. Abbe Clark Headshot

In this podcast, you’re going to learn what a vendor risk appetite statement is, why it’s important and who is involved in developing it. 

At Venminder, we have a team of industry experts who specialize in managing vendor risk every day and know all about this topic.

So, first, what is a vendor risk appetite statement? It’s the amount of risk the organization is willing to accept in order to meet the organization’s strategic objectives based on quantitative and qualitative measurements.

Why is it important? The risk appetite statement should serve as a guideline that’s regularly examined and modified as it’s the risk threshold your organization is unwilling to cross, and, that’s a pretty big deal.

Who’s involved? Many groups are involved in the development of your organization’s risk appetite statement. Seek the input from the following 5 crucial groups of stakeholders.

  1. The board
  2. Senior management
  3. Business unit leaders
  4. The finance department
  5. And anyone involved in strategic planning

As a best practice, begin defining your risk appetite statement by asking each of these groups what monetary amount they believe a material loss to be for your organization. Every organization’s size and processes are unique; therefore, they’ll define material loss and the methodology for risk mitigation differently.

There’s no one-size-fits-all approach to risk appetite. The more mature organizations will always have a different viewpoint on their risk tolerance versus smaller organizations. Start with the concept of a material loss and work through the development process with your stakeholders. Then start reviewing your SCORE risks. SCORE is an acronym for strategic, compliance, operational, reputational and expense risk.

Understanding your organization’s vendor risk appetite can be a complex concept to grasp but if you start small and build upon your organization’s definition of a material loss, it makes it a lot easier to absorb.

I hope you found this podcast insightful.

Thanks for tuning in; catch you next time!
38116-newsletter