Login
Blog-Bg.jpg

Third Party Thursday

SEPTEMBER 5, 2019

10 Ways to Improve Your Third Party Risk Management Program

Podcast: Play in a new window | Download

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg

   

Podcast Transcript

Hi – my name is Josh with Venminder.

In this 90-second podcast, you’re going to learn 10 ways to improve your third party risk management joshua-cooper-headshot-CIRCLEprogram.

At Venminder, we have a qualified team of experts who consult daily on third party risk management programs to help a wide range of organization types and sizes improve their processes.

So, here are 10 best practice recommendations we encourage:

  1. First, establish comprehensive policy, program and procedures documentation.

  2. Next, periodically verify your work product matches what you’ve outlined within the policy and program documentation.

  3. Third, follow the vendor risk management lifecycle throughout every vendor relationship. Reference regulatory guidance like OCC Bulletin 2013-29 to assist.

  4. My fourth tip is don’t forget to continuously monitor vendor relationships. This includes requesting the most current due diligence documents throughout the year and analyzing each one thoroughly.

  5. Fifth, always have a subject matter expert perform the due diligence reviews. This will ensure they’re of the highest quality and accurate.

  6. Sixth, involve senior management and the board in your third party risk management program.

  7. Seventh, utilize your first line of defense. They’re the ones communicating with the vendors daily; therefore, they probably have some great insight to share with you.

  8. Eighth, implement a centralized vendor risk management framework, or, if you’re a very large organization, you might consider implementing a hybrid framework.

  9. Ninth, always invest in education such as industry conferences and webinars.

  10. My tenth and final recommendation: create a culture of compliance. Ensure your whole organization understands the importance of their role in the third party risk management program and the expectations you have for the program and their participation. Let everyone know how failure to follow procedures may impact them and the organization negatively.

I hope you found these 10 recommendations helpful.

Thanks for tuning in; catch you next time!

Sign-Up-Bg.jpg

Subscribe to our Third Party Thursday Newsletter

bng-requestademo.png

Join hundreds of clients and see how Venminder can help.

REQUEST A DEMO