Risk Assessments

 View Only

Welcome to the Risk Assessments Community. Here you will find the latest discussions and resources that can help you in this area. Use this community to discuss anything about doing vendor risk assessments. Note: You will need to Sign In to join in the discussions and access resources. 

About Third-Party Risk Assessments: The risk assessment process is a fundamental foundation of a well-managed third-party risk program. A disciplined approach and repeatable process can lay a firm basis for better informed due diligence, structured ongoing monitoring, and meaningful impact in mitigating concerns introduced by your organization's third parties. Taking it a step further, understanding how to mitigate inherent vendor risk is crucial to determining if the benefits of the outsourced product or service outweigh the risk posed.

Latest Discussion Posts

  • Good Afternoon, I'm curious to hear perspectives on how your TPRM program treats third-party technology installed on-premise/on-site, versus a hosted or SaaS type relationship. We designed our risk assessment to elevate the risk of technology engagements ... More

  • Profile Picture

    Template for certification

    This message was posted by a user wishing to remain anonymous I am looking to upgrade our program and it's documentation. Does anyone have a document template that they are using and would be able to share that indicates if you have either passed or ... More

  • If they have just been acquired, likely they continue to work on combining operations, policies and procedures. For many of the controls, there may not yet be an impact. I would suggest at minimum a financial review of the acquiring entity to make sure ... More

  • Profile Picture

    Vendor acquired after assessment was completed

    This message was posted by a user wishing to remain anonymous Hello, Recently we completed our risk assessment and due diligence on one of our vendors (Moderate vendor - RA & DD every other year). However, 3 months later they agreed to be acquired by ... More

    1 person likes this.
  • Any chance you'd be willing to share your questionnaire with me? [Email removed by Community Manager for privacy and security reasons. If you need the member's contact information, please message them directly by going to their member profile in the ... More