Latest Discussions

Catch Up on the Latest Discussions
Network. Collaborate. Connect. 

This community provides a space where professionals in the industry can access third party risk management resources, and more importantly, interact with each other through discussion boards. You’re able to network, share stories, ask questions, receive feedback from others to help overcome your own challenges and more. 

Latest Discussions List

  • Posted in: Risk Assessments

    Hi All, How do you classify your managed print services vendor? Thanks for the feedback.

  • Profile Picture

    RE: 4th Party Vendors

    This message was posted by a user wishing to remain anonymous For critical vendors, it's important, first and foremost, to make sure the contract requires them to notify you of any sub-service providers that are essential to the services they are providing ...

  • Profile Picture

    RE: Open Source

    Posted in: Risk Assessments

    Open source software is vetted by IT Security, once approved the vendor is added to the portfolio in our vendor Risk Management tool and subject to the due diligence appropriate to the risk rating assigned. From experience, these vendors are rated M ...

    1 person likes this.
  • Profile Picture

    Open Source

    Posted in: Risk Assessments

    Could anyone please share how your company deals with Open source development software? Is your Sourcing and Vendor Management Department involved? I appreciate any and all comments. Thanks, Dr. Jayne Suess

  • Profile Picture

    RFP Software

    This message was posted by a user wishing to remain anonymous Seeking recommendations for RFP software.

  • Profile Picture

    RE: SIFMUs

    While Systemically Important Financial Markets Utilities (SIFMUs) are part of the due diligence process every financial institution in the finance industry is required to perform, they are unique. First, since October 2014, they are the most highly regulated ...

  • Profile Picture

    SIFMUs

    This message was posted by a user wishing to remain anonymous Re: Systemically Important Financial Markets Utilities (SIFMUs): Hello all, Not sure if this topic was a previous discussion. How is everyone handling reviews of their SIFMUs? From my experience, ...

  • Profile Picture

    RE: C3PRMP

    This message was posted by a user wishing to remain anonymous Thanks every1 for your responses! Also will these courses be beneficial if Iam working in a Local bank in Dubai (United Arab emirates)?

  • For the time being, site visits will take place interactively. Site visits as we are used to will return, but for now, virtual site visits are an option. Bear in mind the large the spend, the more you need to perform a site visit. We should use caution ...

  • Profile Picture

    RE: C3PRMP

    This message was posted by a user wishing to remain anonymous Looks like C3PRMP is through Sourcing Industry Group (SIG). Cost is about $4,895, but has a free trial. https://sig.org/sig-university/certified-third-party-risk-management-professional-certification ...

  • Profile Picture

    RE: Insurance Requirements by Engagement Type?

    This message was posted by a user wishing to remain anonymous Hi Jeff, We require evidence of coverages below based on inherent risk rating. Range is $1M to $15M. The higher* amounts for Medium and High Risk and/or if considered a Technology provider. ...

  • Profile Picture

    RE: C3PRMP

    I had not heard of the certification, either. However, based on some quick Google research, the book upon which the certification course is based, "Third Party Risk Management – Driving Enterprise Value", by Linda Tuck Chapman, on is available on the ...

  • Profile Picture

    RE: C3PRMP

    Honestly, I've never heard of this particular certification. In looking at most jobs posted on Linkedin, the companies seem to be looking for the following certification(s) specific to TPRM: * CTPRP ( https://sharedassessments.org/ctprp/ ) * CRVPM ...

  • Profile Picture

    RE: C3PRMP

    My colleague and I have gone through the course. We both felt it was beneficial.

  • Profile Picture

    C3PRMP

    This message was posted by a user wishing to remain anonymous Hi All, Could any one advise if C3PRMP is a good Certified course for 3rd party risk professionals? Thanks!

  • Profile Picture

    4th Party Vendors

    ​​ What is your plan for 4th party vendors on a critical vendor?

  • It's a rare scenario, but you definitely need the Board approval and respective business desk approvals. Then you need to identify all data connections (should have been identified at onboarding), make sure your access management terminates all digital ...

  • How do you handle offboarding of third parties where the third party inherent risk is Critical (e.g. millions of records with restricted data included)? Thanks, Dr. Jayne

  • Good Afternoon, We are working to define what our corporate minimum insurance requirements are for the different types of engagements. This is easier said than done. Of course, each specific engagement will need to be evaluated to find out if the $ ...

  • Profile Picture

    RE: Review Frequency

    We review Critical vendors annually; Moderate every three years and No Impact every five years.