A well-written contract is absolutely essential to helping protect your organization and your customers. This area is dedicated to discussions around the management of contracts.
last person joined 2 days ago
Are you sure you want to join this community?
Would you like to visit the community homepage now?
Whether you’re vetting a new vendor or following up on an existing vendor, performing due diligence is necessary to determine if a vendor is a good fit for your organization. In this community, discuss due diligence best practices, how to onboard a new vendor, steps to continuously monitor your vendors, the due diligence you must always request and more.
Exams and audits have third party risk components. Use this community to discuss best practices, trends, how to prepare and more.
Verifying a vendor’s information security practices are sound is vital to safeguarding your data. This community is dedicated to discussions related to SOCs, business continuity and disaster recovery planning, cybersecurity and other information security topics and challenges.
Successful vendor risk management requires a fully documented set of practices. This community focuses on creating a policy, program and procedures, best practices, ideas, tips, guidance, how to implement and more.
It’s always a good idea to keep any eye on the most recent and stringent regulatory guidance for both to stay compliant and ensure you're doing everything you should. Use this community to stay abreast third party risk industry guidance, updates, ask questions, discuss pending regulatory changes or seek advice.
Vendor management reporting to senior management and the board is a regulatory requirement. This area is dedicated to discussions around what to report on, how often and any other challenges related to third party risk reporting.
The risk assessment process is a fundamental foundation of a well-managed third party risk program. It largely affects your due diligence. Use this community to discuss anything about doing vendor risk assessments.