Due Diligence and Ongoing Monitoring

  • 1.  Continuous Vendor Monitoring

    Posted 10-23-2019 09:03 AM
    Is anyone conducting CONTINUOUS vendor monitoring (as opposed to periodic monitoring)?  I would like to provide continuous monitoring on my critical vendors.  Have some ideas about how to get this done but looking for any suggestions the group might have. 

    Thanks in advance -


  • 2.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 09:34 AM
    I have used Google Alerts before vs. a paid service (with scores, etc.).


  • 3.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 10:16 AM

    We score every new vendor that comes in, using a proprietary system developed by the vendor we worked with to set up our vendor management program.

    Bob Warja

    Assistant Vice President
    Business Continuity & Telecom






  • 4.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 10:59 AM
    Another good notification platform that is similar is to follow companies of interest (i.e., vendors) on LinkedIn.

    ------------------------------
    L. Beachy
    ------------------------------



  • 5.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 12:49 PM

    So are you satisfied with your test or is there more you want to do?

    Bob Warja

    Assistant Vice President
    Business Continuity & Telecom






  • 6.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 10:43 AM
    The overall trend is to begin incorporating some form of third-party intelligence service into one's TPRM.  A number of options have developed in this market space in recent years. Forrester also has a good white paper entitled 'Third-Party Risk Intelligence' (Oct 2017) that introduced the topic and its pros and cons.  TPRI will best be seen as a supplement to an overall vendor management program, but it does address the issue of continuous (or at least frequent) monitoring that strengthens the position versus any kind of an annual assessment cycle.

    Attachment: Forrester_TPRI_Solutions.pdf (476 KB)


  • 7.  RE: Continuous Vendor Monitoring

    Posted 10-23-2019 10:50 AM
    We use a service provided via our vendor management system for Criticals only.


  • 8.  RE: Continuous Vendor Monitoring

    Posted 10-31-2019 08:21 AM
    Hello Pam, I work with FIs in setting up continuous monitoring of third-party relationships. Here are a couple of recommendations/findings:

    • First look at the type of vendors you want to monitor - what size are they? Getting news/info on larger and publicly traded companies is easier than for smaller companies. Make sure you pay close attention to the types of firms that have access to customer data. For example, trying to monitor smaller boutique marketing firms has prematurely aged many a vendor manager.

    • How many vendors are you looking to monitor?  If it's more than a few dozen, then be wary of information overload.  I'm not a fan of Google Alerts in larger environments because of the volume of alerts that can be generated.  After too many alerts announcing "Vendor X is pleased to support a local charity", risk teams can become numb and start ignoring them.  You really want alerts only on material events - changes in risk profile, lawsuits, liens, changes in ownership, etc.

    • What types of sources of information do you trust?  Make sure you understand what type of information is being monitored and the source. 

    • If I had to pick two things to make sure you are including in your monitoring it would be data that could help you understand the following:
      • Is the vendor currently paying their bills, because if they can't, nothing else matters.  Here's an example on why I believe this
      • Is the vendor currently being sued or has legal actions that could put them out of business?

    • Cautiously evaluate vendors/solutions.  When compared to manual effort, the ROI on investing in a monitoring solution is consistently high.  However, there are some vendors who are offering "monitoring" which in reality turns out to be a sales email trying to sell you credit reports.  The way it works, you sign up for "monitoring" for a company, then you receive an email that says "Something happened to this company, but you have to buy our report to find out what it was."  Stay away from those, there are better values out there.

    Hope this helps.

    Kevin Sasser