Due Diligence and Ongoing Monitoring

So, from a policy standpoint, this sort of activity (the unauthorized onboarding) might fall into a number of violations, all depending on how you have your Acceptable Use and other policies/standards defined. In this case, the process of calling this ... More

This message was posted by a user wishing to remain anonymous Hi all, After conducting research and reviewing several industry articles, I wanted to seek input from this group regarding how similar situations are managed within your TPRM programs. ... More

The timing and frequency of ongoing monitoring typically depend on the vendor's risk tiering. In my current role, once a vendor onboarding process is initiated, we conduct an inherent risk assessment to determine the level of risk the vendor introduces ... More

Hi Tara! Creating onboarding guides can get complicated when you have to take into consideration all the departments that may have a hand in onboarding vendors. Thankfully, there's many resources here in Third Party Thinktank! Here is an onboarding toolkit ... More

Hi, would anyone be so kind as to share their onboarding guide/checklist from start to finish? We are coming up with a guide to distribute to departments for them to use while vetting new vendors and gathering due diligence documents before onboarding. ... More