Reporting

 View Only

Welcome to the Reporting Community. Here you will find the latest discussions and resources that can help you in this area. This area is dedicated to discussions around what to report on, how often, and any other challenges related to third-party risk reporting. Note: You will need to Sign In to join in the discussions and access resources. 

About Third-Party Risk Reporting: Vendor management reporting to senior management and the board is a regulatory requirement. In fact, it’s a pillar of vendor management. You don’t want to be too specific or too general, so understanding the frequency, format, and what to include in your reports is all important.

Latest Discussion Posts

  • Formalizing which of your vendors requires continuous monitoring would be the first step in using and incorporating Security Scorecard into your policy. From there, utilizing the data in onboarding and ongoing lifecycles is recommended. The data can ... More

  • Profile Picture

    Security Scorecard

    This message was posted by a user wishing to remain anonymous Hi all, We are using Security Scorecard and would like to understand how other organizations are layering in the data points to third-party risk reporting/due diligence/risk assessments/etc. ... More

    1 person likes this.
  • Profile Picture

    RE: KPI/KRI Reporting

    Thanks for this information which is very useful More

  • Profile Picture

    RE: KPI/KRI Reporting

    Hi there I can provide a few suggestions for metrics to demonstrate the health and effectiveness of your Vendor Risk Management program. However, your first consideration regarding metrics will be whether you are going to use KPIs, KRIs, or a combination ... More

    1 person likes this.
  • Profile Picture

    KPI/KRI Reporting

    This message was posted by a user wishing to remain anonymous Hi all, please can someone tell me the metrics they recommend for reporting on vendor management KPIs/KRIs. More

    2 people like this.

Polls