View All Communities

This community provides a space where professionals in the industry can access third-party risk management resources, and more importantly, interact with each other through discussion boards. You’re able to network, share stories, ask questions, receive feedback from others to help overcome your own challenges, and more. 
10 total

Contract Management  

A well-written contract is absolutely essential to helping protect your organization and your customers. This area is dedicated to discussions around the management of contracts.

  last person joined 3 days ago

View Only

Due Diligence and Ongoing Monitoring  

Whether you’re vetting a new vendor or following up on an existing vendor, performing due diligence is necessary to determine if a vendor is a good fit for your organization. In this community, discuss due diligence best practices, how to onboard a new vendor, steps to continuously monitor your vendors, the due diligence you must always request, and more.

  last person joined 3 days ago

View Only

Exams or Audits  

Exams and audits have third-party risk components. Use this community to discuss best practices, trends, how to prepare, and more.

  last person joined 3 days ago

View Only

Information Security  

Verifying a vendor’s information security practices are sound is vital to safeguarding your data. This community is dedicated to discussions related to SOCs, business continuity and disaster recovery planning, cybersecurity, and other information security topics and challenges.

  last person joined 3 days ago

View Only

Mature or Complex Programs  

Some organizations have more experience doing third party risk management than others. This community is for those who want to talk to professionals with more mature or complex programs and prefer to discuss in a separate space about more in-depth concepts or advanced topics.

  last person joined 5 days ago

View Only

Policy, Program, and Procedures  

Successful vendor risk management requires a fully documented set of practices. This community focuses on creating a policy, program, and procedures; best practices; ideas; tips; guidance; how to implement; and more.

  last person joined 3 days ago

View Only

Regulations  

It’s always a good idea to keep any eye on the most recent and stringent regulatory guidance for both to stay compliant and ensure you're doing everything you should. Use this community to stay abreast third-party risk industry guidance, updates, ask questions, discuss pending regulatory changes, or seek advice.

  last person joined 3 days ago

View Only

Reporting  

Vendor management reporting to senior management and the board is a regulatory requirement. This area is dedicated to discussions around what to report on, how often, and any other challenges related to third-party risk reporting.

  last person joined 3 days ago

View Only

Risk Assessments  

The risk assessment process is a fundamental foundation of a well-managed third-party risk program. It largely affects your due diligence. Use this community to discuss anything about doing vendor risk assessments.

  last person joined 3 days ago

View Only

Small to Mid-Size Organizations  

For questions and discussions that do not fit in a topic community and are regarding an organization of small to mid-size.

  last person joined 11 days ago

View Only