Effective third party risk management can protect your organization by managing the risks you are taking by outsourcing a product or service. In this 90 second video, you will learn about the different phases involved in third party risk in order to be more successful in your organization.
Hi – I’m Branan with Venminder. In this 90-second video, you are going to learn about managing third party risk. Here at Venminder, our entire business is centered around helping our clients manage and mitigate third party risk. In today’s climate, it’s just a must. Third party risk management has a definite lifecycle that you can follow.
The planning phase consists of building your policy, program and procedures documentation detailing HOW you will provide oversight to your vendors.
The due diligence & third party selection phase is where you will implement pre-contract due diligence, aka the vetting process. Your due diligence should always be centered around the level of risk the vendor could pose.
The contract negotiation phase is where you ensure that your contracts are organized and have strong contract language to minimize risk.
The ongoing monitoring phase is about continuing due diligence after the contract is signed. This includes periodic reviews of vendor due diligence, SLAs and addressing risk issues.
And finally, the termination phase. You should have plans in place for certain vendors, like your critical vendors, to replace the third party or to bring the function in-house in an efficient manner if needed. This includes determining what happens to any confidential information and any post termination rights to use the information for marketing or other purposes.
Remember, effective third party risk management can protect your organization by managing the risks you are taking by outsourcing a product or service.
See you next time.