Unanswered Questions

  • Profile Picture

    Multiyear contracts - discount/incentive preferenc ...

    Posted in: Contract Management

    This message was posted by a user wishing to remain anonymous Hi, When entering into a multiyear contract, does your Finance department set any thresholds for minimal discount which is required before your organization can contract? For example, ... More

  • Profile Picture

    Annual Vendor Reviews - Equifax

    This message was posted by a user wishing to remain anonymous It's that time of year again where we are conducting annual vendor reviews. How is this group of people obtain due diligence / annual review documentation from Equifax? More

  • Hi everyone - I represent the TPRM team from a US based GCC in India. We are engaging with a large Indian Private Bank. The Challenge we face now is that this Indian Bank is refusing to share any due diligence documents that pertains to Information/Cyber ... More

  • Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous For financial institutions that deal with Down Payment Assistance Programs that require the sharing of NPI, how do you handle in the inherent risk associated with the information sharing ... More

  • Profile Picture

    Exit Strategy

    This message was posted by a user wishing to remain anonymous I am working with our Vendor Relationship Owners on the importance of having an exit strategy. I would like to use the information I have to incorporate some type of Exit Strategy Template ... More

    1 person likes this.
  • Profile Picture

    Third-party security risk management road map

    This message was posted by a user wishing to remain anonymous What items are being included in your program roadmap for future additions? Thanks More

  • Profile Picture

    Inherent Risk

    Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous As a financial institution we are currently changing our Inherent Risk model. Does anyone have a third party onboarding template form they are willing to share that may align with our new ... More

  • Posted in: Risk Assessments

    Dear all, conducting inherent vendor risk assessment based on relevant questionnaire as per best practice is very important , I have an inquiry after getting the related answers how can I measure the OVERALL RISK LEVEL HIGH / MODERATE ... More

  • Profile Picture

    Vendor Categories

    Hi Neil, We are a Credit Union and just went through this project with my Vendor Manager Trainer. Here's what we came up with: Appraisers/Title Co. Attorneys Banking Technology Compliance Consulting – Non-Technical ... More

  • Profile Picture

    TPRM Platforms

    This message was posted by a user wishing to remain anonymous We're in the process of assessing various TPRM platforms with a focus on continuous monitoring. Does anyone have a scoring template that can be shared? More

  • Hi Everyone, kindly assist with templates for Standards in vendor criteria and ongoing monitoring. regards Lunathi More

  • Posted in: Contract Management

    Does anyone have any experience with price benchmarking SAAS providers or any useful tools/services/best practices for ensuring your organization is being offered a fair and reasonable price? Outside of obtaining multiple quotes from vendors with similar ... More

  • Looking for recommendations for a fourth party/subservice organization monitoring provider as part of Vendor Management. In addition, if anyone has a checklist they would be willing to share for this as well. Thank you! More

  • Profile Picture

    Ongoing Monitoring Tasks (Documents and Due Dates)

    This message was posted by a user wishing to remain anonymous This message was posted by a user wishing to remain anonymous I'm wondering how everyone is completing their ongoing monitoring documents. For example: Do you reach out every time ... More

  • Profile Picture

    TPRM Job Descriptions

    This message was posted by a user wishing to remain anonymous Good afternoon. My company is looking to develop a new enterprise role for a Third Party Risk Manager that will help facilitate third party risk across the various business units. Would ... More

  • Profile Picture

    SOW Risk Assessment

    Posted in: Risk Assessments

    Hello, several questions here... How are you assessing risk at a SOW level? Beginning very simply, how can my organization roll this out to assess all of our SOWs? Is there a simple template anyone can share please? Also, how are you tracking the ... More

  • Hi, Has anyone hired any consultant to come in to assess your TPRM program? We are looking to expand to include all third parties and mature the program and are interested in an outside assessment to give us direction. Any recommendations would be helpful! ... More

    2 people like this.
  • Profile Picture

    Contact Info for World Check

    This message was posted by a user wishing to remain anonymous We just completed an acquisition of a bank that uses World Check and want to begin our DD process. So, if you use World Check, would you provide your contact name, phone and email. Thank ... More

  • Profile Picture

    Suppliers providing COTS Software

    This message was posted by a user wishing to remain anonymous Good day Community! I am in need of some suggestions or recommendations. We are currently looking to enhance our Information security due diligence for suppliers providing us with software. ... More

    1 person likes this.
  • This sounds very similar to our "partner" program. Prior to the creation of our TPRM team, there was no governance around these relationships. But now, we perform the actions Hilary called out: we have a direct contract with the partner, we perform ... More