Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resources-whitepaper-state-of-third-party-risk-management-2023
State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.

DOWNLOAD NOW

video

10 Best Practices of Good Vendor Managers

CPE Credit Eligible

Vendor manager best practices to follow.

Throughout this video you will learn the best practices of good vendor managers, what you should be researching and more.  

You may also be interested in:


Video Transcript

Welcome to this week’s Third Party Thursday! My name is Branan Cooper and I’m the Chief Risk Officer here at Venminder.

Vendor management is a complex job. There's plenty of prescriptive guidance out there, but what do the best vendor managers do to ensure the job is done well?

Let's go through 10 best practices:

  1. Write a complete set of policies, programs and procedures  - and get outside help to review it. With this, make sure it is thorough. Scatter references to specific guidance through every document and incorporate feedback from your auditors.
  2. Carefully define your scope - you can’t possibly cover every single provider. Define both who is in scope and, equally important, who is not. And, document why the scope is focused on certain third parties but not others.
  3. Don't forget to stay abreast of changing regulations and commit them to policy - set up to receive alerts from regulatory body when new guidance is issued. Then when the guidance comes out, study it - do the research to see what others are saying about it until you thoroughly understand it. 
  4. Subscribe to law firm and CPA firm newsletters that specialize in compliance issues - they're an excellent source of analysis and commentary. And, read articles from other industry experts via blogs or other sources.
  5. There is an old adage - If it isn’t written down, it didn’t happen. Be prompt and be thorough in your documentation. Never assume your senior management team or auditors know what you’re thinking. Be responsive to good ideas and to constructive criticism.
  6. Keep senior management and your board informed and engaged - set up a standard set of reports, but supplement with newsworthy material when needed. Brief them on what they need to know and what is changing. Ownership of risk flows uphill and surprises are not received well.
  7. Determine customized ways of doing ongoing monitoring - tailor the method to match the type of service provided and always think of it from the customer experience point of view - where are the potential pain points or areas of confusion? Service level reporting, transaction testing and mystery shopping are easy ways to employ sound oversight practices.
  8. Learn from each examination - internal, external and regulatory. Recommendations and criticisms should be thoroughly discussed and put into actionable forms. Where needed, update your materials and make absolutely certain what is described is put into actual practice.
  9. It's always a good idea, even though there may be some expense involved, to attend conferences and webinars to learn best demonstrated practices and new ideas - small investments go a long way. Find peers that are willing to share their ideas, challenges and solutions. After all, education is the key to maturing your vendor management program.
  10. Take pride in your work - don’t just ‘check a box’. Doing vendor management the right way is not easy but done well, it is a real competitive advantage. 

A robust program protects your financial institution from unnecessary (and potentially embarrassing) risk. Opportunities to compare and contrast providers usually leads to positive and forward change.

So there you go, you now know 10 best practices to make you a really good vendor manager. Again, they are: have a complete set of policies, programs and procedures; carefully define scope; ask for input; stay on top of regulation changes; write everything down; keep senior management and board updated; customize ongoing monitoring; learn from exams; educate yourself and don't just check the box.

I'm Branan Cooper and thank you for watching! If you haven’t already, subscribe to the Third Party Thursday series.

38116-newsletter

Subscribe to our Third Party Thursday Newsletter

Receive weekly third-party risk management news, resources, and more to your inbox.

 

New Call-to-action

Ready to Get Started?

Schedule a personalized solution demonstration to see how Venminder can transform your vendor risk management processes.

Request a Demo