Exams or Audits

 View Only

Welcome to the Exams and Audits Community. Here you will find the latest discussions and resources that can help you in this area. Use this community to discuss best practices, trends, how to prepare, and more. Note: You will need to Sign In to join in the discussions and access resources. 

About Third-Party Risk Exams and Audits: Exams and audits have vendor management components. Understanding ways to adequately prepare for an upcoming exam or audit is critical. You must understand what the examiners and auditors expect, how to prepare documentation you’ll share with them, who should be involved, and how best to follow up on their exam findings so that the same mistake doesn’t happen again.

Latest Discussion Posts

  • Profile Picture

    RE: Auditing Expired contracts

    By: Linda Tuck Chapman , Third Party Risk Institute Ltd. , 20 days ago

    In my opinion, no. The only caveat is a recommendation to audit the exit plan and documentary evidence that supports a safe and secure exit (data, continuity, etc). More

  • Profile Picture

    Auditing Expired contracts

    By: Kothai Manoharan , 28 days ago

    Relationships and governance of the third party relationships are audited for the existing and live contracts. Is there value in assessing the ongoing monitoring of relationships by a Relationship Manager for an expired contract (expired during the audit, ... More

  • Profile Picture

    Auditing Regularity

    By: Kothai Manoharan , 29 days ago

    What would be a reasonable regularity for auditing third party arrangements based on criticality or risk levels (High, Medium and low)? This is for internal auditors. How often should Internal Audit review/audit third party arrangements? More

  • Profile Picture

    RE: Audit recommendation - Vendor Training

    By: Kay Fonguh , one month ago

    Thank you for raising this question. While it may seem unconventional for organizations to provide training to vendors, it is actually a common practice, particularly for critical vendors handling sensitive data, regulated processes, or essential business ... More

  • Profile Picture

    RE: Audit recommendation - Vendor Training

    By: Steve Harper , one month ago

    Did Management accept that finding and recommendation? If the onboarding process, regular relationship management meetings and annual review process are operating as intended, additional training seems excessive More

Polls

Most Active Users List