Pre and Post-Contract Vendor Due Diligence
When should I conduct due diligence?
Throughout your vendor risk management process, you should be conducting due diligence both pre and post-contract. In this 90-second video, learn the different due diligence items you should be requesting from your third party vendors during those pre and post-contract periods.
You may also be interested in:
Hi – I’m Branan with Venminder.
In this 90-second video, you are going to learn about pre and post-contract vendor due diligence.
We’ll cover the most common requests that we recommend, and see, across the industry.
Pre-contract due diligence involves analyzing and verifying that your possible new vendor meets your needs and is in regulatory compliance.
Seven of the pre-contract due diligence requests you should ALWAYS perform are:
- A secretary of state check
- Compliant research
- An OFAC check
- Review of the Articles of Incorporation or business license
- Verify the tax ID number
- Obtain a Dun&Bradstreet report
- And conduct a negative news search
For post-contract due diligence - this refers to the ongoing monitoring of your vendor to ensure that they continually meet your needs.
The more critical the vendor is to your operations, the higher the frequency of your ongoing due diligence.
Five of the post-contract ongoing due diligence requests we typically see include:
- Financial report
- SOC report
- Business continuity and disaster recovery plans
- Cybersecurity plan
- And any other due diligence required, like a certificate of insurance and updated company policies
The due diligence lists I mentioned isn’t exhaustive and of course your requests will vary vendor to vendor based on the risk they present.
See you next time.
Subscribe to our Third Party Thursday Newsletter
Receive weekly third-party risk management news, resources and more to your inbox.