Unanswered Questions

  • Profile Picture

    Resellers and Contracts/Warranties

    Posted in: Contract Management

    This message was posted by a user wishing to remain anonymous Hi! I am new to working for a small company where in some cases of software, maintenance, and equipment purchases that we have to go through Resellers for those needs. We have a few resellers ... More

  • Profile Picture

    Cloud Computing

    Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous Hello, <o:p></o:p> As a newer practitioner of TPRM I have a question: <o:p></o:p> We use an e-mail, web security and archiving service vendor that provides cloud computing services ... More

  • Profile Picture

    Third Party Reseller

    This message was posted by a user wishing to remain anonymous What type of documents should I collect from a third party reseller of IT services. More

  • Profile Picture

    Exit Plans

    This message was posted by a user wishing to remain anonymous Do you have documented exit plans for your vendors? If so, how are you documenting those and what are you including in the documents? We are planning to start with critical vendors and have ... More

  • Hi Michelle, We outsource the periodic (and sometimes initial) reviews for all of our Critical and some of our Significant vendors each year to the company we use for our ERM Suite, (which includes Vendor Management). They collect and review documentation ... More

  • With our BaaS opportunities and working with a company based out of Sweden, they have advised that DORA and SOC2 are similar and I am seeking any guidance on this topic from this community. We read that EY consultants met with leaders from the Swedish ... More

  • Posted in: Reporting

    Hi all, Could anyone share TPRM escalation matrix template. Which will cover both internal (TPRM team) & external (Vendor) escalation matrix. Thanks in advance. - Srinivasa More

  • With our BaaS opportunities and working with a company based out of Sweden, they have advised that DORA and SOC2 are similar and I am seeking any guidance on this topic from this community. We read that EY consultants met with leaders from the Swedish ... More

  • Profile Picture

    Relocation Vendors

    Hello Everyone, In a Value Stream Mapping session and relocation vendors came up. In case you are unfamiliar, these are vendors who reimburse our organization for all or a portion of the closing fees associated with an employee relocating at their ... More

    1 person likes this.
  • Wondering what business/financial intelligence tools you all may use for ongoing monitoring. I've done a bit of research, but what I'm coming up with is mostly from sales perspectives (research)and not from risk/monitoring perspectives. I'm considering ... More

  • Hello all, Any insights on what criteria to focus on when developing policy and procedures related to vendor prepayment or advance payment to vendor? Thank you very much in advance for your time and guidance. Sincerely, Dee More

  • Profile Picture

    TPRM Staffing Models

    This message was posted by a user wishing to remain anonymous I'm wondering if there is any industry standards information that exists surrounding TPRM Staffing Models. I'm interested in seeing things such as "X" number of TPRM and InfoSec Assessors ... More

    1 person likes this.
  • Profile Picture

    NPII

    This message was posted by a user wishing to remain anonymous What do you consider NPI under your vendor management program for a financial institution? More

  • Profile Picture

    Sample Health Plan Risk Assessment

    Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous Our health plan is working on maturing our vendor management program and would appreciate seeing any examples of inherent/residual risk assessments being used by other health plans. Thank ... More