All Communities

8 total

Contract Management  

A well-written contract is absolutely essential to helping protect your organization and your customers. This area is dedicated to discussions around the management of contracts.

  last person joined 4 days ago

View Only

Due Diligence and Ongoing Monitoring  

Whether you’re vetting a new vendor or following up on an existing vendor, performing due diligence is necessary to determine if a vendor is a good fit for your organization. In this community, discuss due diligence best practices, how to onboard a new vendor, steps to continuously monitor your vendors, the due diligence you must always request, and more.

  last person joined 4 days ago

View Only

Exams or Audits  

Exams and audits have third-party risk components. Use this community to discuss best practices, trends, how to prepare, and more.

  last person joined 4 days ago

View Only

Information Security  

Verifying a vendor’s information security practices are sound is vital to safeguarding your data. This community is dedicated to discussions related to SOCs, business continuity and disaster recovery planning, cybersecurity, and other information security topics and challenges.

  last person joined 4 days ago

View Only

Policy, Program, and Procedures  

Successful vendor risk management requires a fully documented set of practices. This community focuses on creating a policy, program, and procedures; best practices; ideas; tips; guidance; how to implement; and more.

  last person joined 4 days ago

View Only

Regulations  

It’s always a good idea to keep any eye on the most recent and stringent regulatory guidance for both to stay compliant and ensure you're doing everything you should. Use this community to stay abreast third-party risk industry guidance, updates, ask questions, discuss pending regulatory changes, or seek advice.

  last person joined 4 days ago

View Only

Reporting  

Vendor management reporting to senior management and the board is a regulatory requirement. This area is dedicated to discussions around what to report on, how often, and any other challenges related to third-party risk reporting.

  last person joined 4 days ago

View Only

Risk Assessments  

The risk assessment process is a fundamental foundation of a well-managed third-party risk program. It largely affects your due diligence. Use this community to discuss anything about doing vendor risk assessments.

  last person joined 4 days ago

View Only