Risk Assessments

Welcome to the Risk Assessments Community. Here you will find the latest discussions and resources that can help you in this area. Use this community to discuss anything about doing vendor risk assessments. Note: You will need to Sign In to join in the discussions and access resources. 

About Third Party Risk Assessments: The risk assessment process is a fundamental foundation of a well-managed third party risk program. A disciplined approach and repeatable process can lay a firm basis for better informed due diligence, structured ongoing monitoring and meaningful impact in mitigating concerns introduced by your organization's third parties. Taking it a step further, understanding how to mitigate inherent vendor risk is crucial to determining if the benefits of the outsourced product or service outweigh the risk posed.

Latest Discussion Posts

  • This question is written with you assuming you want to "reduce" / mitigate risk. You may find in due-diligence that the risk is too high and likely. A good solution would be to "avoid" and select a new vendor all together. Or the results may be a shining ... More

    1 person likes this.
  • I understand that using a "new technology" poses some inherent risk. But aside from whatever due diligence items are required for an application that is hosting data or connected to our network, what else might need to be or could be considered to mitigate ... More

    1 person likes this.
  • Hi All, How do you classify your managed print services vendor? Thanks for the feedback. More

  • Profile Picture

    RE: Open Source

    Open source software is vetted by IT Security, once approved the vendor is added to the portfolio in our vendor Risk Management tool and subject to the due diligence appropriate to the risk rating assigned. From experience, these vendors are rated M ... More

    1 person likes this.
  • Profile Picture

    Open Source

    Could anyone please share how your company deals with Open source development software? Is your Sourcing and Vendor Management Department involved? I appreciate any and all comments. Thanks, Dr. Jayne Suess More

ThinkTank Announcements

  • Community Update - 1,000 Members

    Hi Everyone, I want to share some very exciting news with you all. We have reached 1,000 community members! This is a milestone we’re very proud of and it’s all thanks to the fantastic third-party risk conversations you all are having every day. As always, please let me know if you have any thoughts ... More
  • COVID-19 Resources Page

    Hi Everyone,   With the COVID-19 pandemic upon us, organizations are implementing their pandemic plans, many employees are working remotely and changes in vendor management are rapidly occurring. In the industry, it has raised lot of questions about pandemic planning and best practices and reminds ... More
  • Happy New Year - We Want Your Feedback!

    Happy New Year ThinkTank members! We hope you've found the community discussions this past year to be enlightening and engaging. As we head into 2020, we want to hear your thoughts and feedback as it'll help us continue to understand what you'd like to see more of in the Third Party ThinkTank Community. ... More
  • Community Update - 600+ Members

    Hi Everyone, I wanted to provide an exciting update! The community has now surpassed 600 members and we see wonderful discussions going. We hope you’re finding them valuable. It’s our goal to always provide you a dedicated space to network, collaborate and stay educated. As we continue to grow ... More