Unanswered Questions

This message was posted by a user wishing to remain anonymous Can you share the questionnaire you use and send for ongoing monitoring of critical vendor or vendors who you are sending personal / regulated data? Is it the same as the one used during ... More

This message was posted by a user wishing to remain anonymous We just completed an acquisition of a bank that uses World Check and want to begin our DD process. So, if you use World Check, would you provide your contact name, phone and email. Thank ... More

This message was posted by a user wishing to remain anonymous Good day Community! I am in need of some suggestions or recommendations. We are currently looking to enhance our Information security due diligence for suppliers providing us with software. ... More

This sounds very similar to our "partner" program. Prior to the creation of our TPRM team, there was no governance around these relationships. But now, we perform the actions Hilary called out: we have a direct contract with the partner, we perform ... More

Would anyone provide a template for your company's procedures? More

I've taken 3 CRVPM certification courses from Mick Kless at Compliance Education Institute, LLC. He's also got courses specific to certain things, like contract negotiation, compliance, etc. They recently added a certification course called Certified ... More

Hello-- I am interested if anyone is utilizing a service for Know-Your-Customer (KYC) and would have any recommendations. Thanks, Aaron Sparks More

Does anyone have a due diligence document checklist that they would be willing to share, that is tailored by vendor type or criticality? More

This message was posted by a user wishing to remain anonymous How are other insurance companies handling Claims regarding their TPRM process? Interested in what is in scope, out of scope, and the criteria used to determine this along with any rationale. ... More

Hi TPRM Colleagues - Just reaching out to see if your organization uses a service provider to conduct financial and reputational reviews to support supplier due diligence and ongoing monitoring. If so, it would be very helpful to know who ... More

This message was posted by a user wishing to remain anonymous Do you have documented exit plans for your vendors? If so, how are you documenting those and what are you including in the documents? We are planning to start with critical vendors and have ... More

Hi Michelle, We outsource the periodic (and sometimes initial) reviews for all of our Critical and some of our Significant vendors each year to the company we use for our ERM Suite, (which includes Vendor Management). They collect and review documentation ... More

With our BaaS opportunities and working with a company based out of Sweden, they have advised that DORA and SOC2 are similar and I am seeking any guidance on this topic from this community. We read that EY consultants met with leaders from the Swedish ... More

Hi all, Could anyone share TPRM escalation matrix template. Which will cover both internal (TPRM team) & external (Vendor) escalation matrix. Thanks in advance. - Srinivasa More

With our BaaS opportunities and working with a company based out of Sweden, they have advised that DORA and SOC2 are similar and I am seeking any guidance on this topic from this community. We read that EY consultants met with leaders from the Swedish ... More

Hello Everyone, In a Value Stream Mapping session and relocation vendors came up. In case you are unfamiliar, these are vendors who reimburse our organization for all or a portion of the closing fees associated with an employee relocating at their ... More

Wondering what business/financial intelligence tools you all may use for ongoing monitoring. I've done a bit of research, but what I'm coming up with is mostly from sales perspectives (research)and not from risk/monitoring perspectives. I'm considering ... More