Risk Assessments

Welcome to the Risk Assessments Community. Here you will find the latest discussions and resources that can help you in this area. Use this community to discuss anything about doing vendor risk assessments. Note: You will need to Sign In to join in the discussions and access resources. 

About Third Party Risk Assessments: The risk assessment process is a fundamental foundation of a well-managed third party risk program. A disciplined approach and repeatable process can lay a firm basis for better informed due diligence, structured ongoing monitoring and meaningful impact in mitigating concerns introduced by your organization's third parties. Taking it a step further, understanding how to mitigate inherent vendor risk is crucial to determining if the benefits of the outsourced product or service outweigh the risk posed.

Latest Discussion Posts

  • During the onboarding process, we look at the use case and determine the Risk to the product or service as well as the impact should something go wrong. Business continuity is fine but again, it is part of the equation. Access to confidential information ... More

  • This message was posted by a user wishing to remain anonymous I would concur with Keith's input. I would never base an inherent risk scoring on spend. I would gather the information though and utilize it as a trigger for a financial review as someone ... More

  • This message was posted by a user wishing to remain anonymous Been following this thread, and there is a lot of good info here. However, if you have a policy such as no NPI/PII or proprietary company data is shared, the services are not critical to ... More

  • This message was posted by a user wishing to remain anonymous Hi Keith, That article you linked is pretty scary. Thanks for sharing. What would you recommend as a better approach if the financial spend isn't the route to take? Wouldn't it be potentially ... More

  • I would never base importance on financial spend. When I give presentations on this topic I often give two of my favorite examples: 1) In the tech world, many major tech companies use a service that costs ~$50K/year to file corporate taxes. It seems ... More

    1 person likes this.

ThinkTank Announcements

  • Seeking Your Input - Annual TPRM Survey!

    Hi Community Members, We’re looking for your valuable input! Venminder is conducting their annual survey for the State of Third-Party Risk Management 2021 whitepaper and we’re hoping you may have 5 minutes to spare to help out and take the survey. The complimentary whitepaper will be released in early ... More
  • Community Update - 1,000 Members

    Hi Everyone, I want to share some very exciting news with you all. We have reached 1,000 community members! This is a milestone we’re very proud of and it’s all thanks to the fantastic third-party risk conversations you all are having every day. As always, please let me know if you have any thoughts ... More
  • COVID-19 Resources Page

    Hi Everyone,   With the COVID-19 pandemic upon us, organizations are implementing their pandemic plans, many employees are working remotely and changes in vendor management are rapidly occurring. In the industry, it has raised lot of questions about pandemic planning and best practices and reminds ... More
  • Happy New Year - We Want Your Feedback!

    Happy New Year ThinkTank members! We hope you've found the community discussions this past year to be enlightening and engaging. As we head into 2020, we want to hear your thoughts and feedback as it'll help us continue to understand what you'd like to see more of in the Third Party ThinkTank Community. ... More