View Only

Welcome to the Reporting Community. Here you will find the latest discussions and resources that can help you in this area. This area is dedicated to discussions around what to report on, how often, and any other challenges related to third-party risk reporting. Note: You will need to Sign In to join in the discussions and access resources. 

About Third-Party Risk Reporting: Vendor management reporting to senior management and the board is a regulatory requirement. In fact, it’s a pillar of vendor management. You don’t want to be too specific or too general, so understanding the frequency, format, and what to include in your reports is all important.

Latest Discussion Posts

  • Thanks for this information which is very useful More

  • Profile Picture

    RE: KPI/KRI Reporting

    Hi there I can provide a few suggestions for metrics to demonstrate the health and effectiveness of your Vendor Risk Management program. However, your first consideration regarding metrics will be whether you are going to use KPIs, KRIs, or a combination ... More

    1 person likes this.
  • Profile Picture

    KPI/KRI Reporting

    This message was posted by a user wishing to remain anonymous Hi all, please can someone tell me the metrics they recommend for reporting on vendor management KPIs/KRIs. More

    2 people like this.
  • Profile Picture

    RE: Risk Mitigation Plans

    While each organization will have its own processes in place, it is a reasonable question on how and when to inform stakeholders of risk remediation plans. The key is to identify the roles that stakeholders hold in the individual process. This can be ... More

  • Profile Picture

    Risk Mitigation Plans

    This message was posted by a user wishing to remain anonymous Hi TPRM Community! I have a question in regard to the risk mitigation process internally at your organization. I realize that it is dependent on the risk, controls, etc. However, what ... More