Due Diligence and Ongoing Monitoring


Welcome to the Due Diligence and Ongoing Monitoring Community. Here you will be able to network, collaborate, and see the latest discussions that can help you in this area. Note: You will need to Sign In to join in the discussions and access resources. 

About Due Diligence and Ongoing Monitoring: Whether you’re vetting a new vendor or following up on an existing vendor, performing due diligence is necessary to determine if a vendor is a good fit for your organization. Ongoing monitoring is a regulatory expectation and an overall sound business practice, and it can lead to discovering risk that would have otherwise gone unnoticed.

Latest Discussion Posts

  • Happy to weigh in as a SME, but I would love to hear everyone else's thoughts as well. Reviewing a SOC 2 report for vendors in the Infrastructure tier as part of your annual due diligence provides several critical benefits, even though these vendors may ...

  • Infrastructure Vendors

    This message was posted by a user wishing to remain anonymous.

    Hello, we are currently updating our vendor due diligence packages. With your Infrastructure vendors, do you ask for a SOC 2? Why or why not?

  • We do not review financials for low-risk vendors. However, we check the contract and COI annually & make sure vendor contact is up to date.

    Tara Murray

  • We will assess our vendors for financial risk during the onboarding process and conduct annual reviews thereafter. Given the low risk, it makes sense to conduct an annual financial review rather than more frequently.

  • RE: Do Low-risk vendors need a financial review?

    This message was posted by a user wishing to remain anonymous.

    Same here. Just Highs and Criticals for us.
