Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


2022 State of Third-Party Risk Management Whitepaper Provides Insight Into How Organizations Are Managing Third-Party Risk

3 min read
Featured Image

Elizabethtown, KYVenminder, the industry recognized leader of third-party risk management solutions, has today released their annual “State of Third-Party Risk Management” whitepaper. The sixth annual whitepaper shares survey results that provide many with important insights into the current state of third-party risk management, as well as, the ability for third-party risk professionals to compare and benchmark their organizations’ processes against their peers.

The 2022 whitepaper covers how steadily maturing vendor risk management environments continue to be influenced and shaped by the ongoing and ever-changing pandemic. In particular, the need for robust and well-managed vendor risk was emphasized in a year marked by increases in data breaches and cybercrime. Among the many survey insights, vendor risk programs are still feeling the pressure of a lack of resources and being underfunded with most organizations continuing to move towards dedicated vendor risk management platforms to help automate processes and improve efficiency.

“The survey results share how maturity within third-party risk management practices continue to evolve and, notably, improve,” said James Hyde, CEO of Venminder. “The ever-changing nature of the COVID-19 pandemic has continued to drive heightened awareness and overall need for well-managed practices. The increase in cybercrime only has further emphasized the importance of ensuring that your data is protected, whether it’s in your hands or a vendor’s hands. This point holds true wherever it may be – whether companies work in remote, office or hybrid environments.”

Key findings from State of Third-Party Risk Management survey include:

  • The biggest challenges in third-party risk management were jointly ranked as “Having enough internal resources” (40%) and “Getting the right documents from vendors” (40%).
  • 69% are feeling more scrutiny from auditors and examiners.
  • 56% report using dedicated vendor management software.
  • 74% rated cybersecurity as a top concern, fourth-party risk also rated high at 54%, vendor business continuity rounded out the top three at 42% and other emerging risks included ESG (34%) and vendor financial health (27%).
  • 68% found that getting the line of business or vendor owner support is challenging, but manageable.
  • 65% said they had two or fewer dedicated employees, but 46% said they had more than 300 vendors – vendor risk management programs are still understaffed.
  • 60% reported that critical vendors make up 10% or less of their total vendor population, which is in line with best practices.
  • Of the organizations with ESG in scope, only 6% have defined and implemented processes. Some are currently defining and developing their program (7%) or are in early-stage implementation (9%). Still, 61% of respondents have no requirements (39%) or are unsure (22%).
  • 78% now report having a formal process in place that determines inherent and residual risk.
  • 73% said they’re reviewing their high-risk or critical vendors at least annually, which is the recommended minimum.
  • 72% updated their vendor management policy document within the last year.
  • 58% reported updates to their due diligence vendor risk questionnaire and evidence document requirements within the last year and 25% within 1-2 years.
  • 47% report that they are using a centralized model and 42% reported using a hybrid model (up from 34% in the previous year).

The full survey findings are free to download on Venminder’s website by clicking here.


About Venminder
Venminder offers a world-class SaaS platform that guides and streamlines third-party risk management. Venminder’s platform helps users collaborate on all things vendor-related and guides through critical processes such as oversight management, contract management, risk assessments, due diligence requirements, questionnaires, SLA management, vendor onboarding and more. Robust and configurable reporting can be generated from the tool to give clear visibility into the management and ongoing monitoring of third parties. Completed vendor risk assessments can be found in the Venminder Exchange and include thorough assessments of a vendor’s information security, SOC reports, contracts, financials, business continuity/disaster recovery and more. Venminder also powers Third Party ThinkTank, an online free community dedicated to third-party risk professionals. For more information, visit

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo