Unanswered Questions

  • Profile Picture

    Consultant for Salesforce Implementation

    This message was posted by a user wishing to remain anonymous We have recently engaged with a consulting firm to help implement Salesforce. What type of due diligence documents should we request for? They have access to NPPI More

  • Profile Picture

    Fourth-Party Template

    This message was posted by a user wishing to remain anonymous We found this third-party template in the Venminder Communities and were hoping if there is a fourth-party version. Or, if someone knows where we can get a fourth-party template, that would ... More

    1 person likes this.
  • Hi everyone, Could someone help me to identify the main restricted lists such as OFAC, UFLPA...? More

  • Profile Picture

    Ongoing Monitoring Tasks (Documents and Due Dates)

    This message was posted by a user wishing to remain anonymous This message was posted by a user wishing to remain anonymous I'm wondering how everyone is completing their ongoing monitoring documents. For example: Do you reach out every time ... More

  • Profile Picture

    TPRM Job Descriptions

    This message was posted by a user wishing to remain anonymous Good afternoon. My company is looking to develop a new enterprise role for a Third Party Risk Manager that will help facilitate third party risk across the various business units. Would ... More

  • Profile Picture

    SOW Risk Assessment

    Posted in: Risk Assessments

    Hello, several questions here... How are you assessing risk at a SOW level? Beginning very simply, how can my organization roll this out to assess all of our SOWs? Is there a simple template anyone can share please? Also, how are you tracking the ... More

  • Hi, Has anyone hired any consultant to come in to assess your TPRM program? We are looking to expand to include all third parties and mature the program and are interested in an outside assessment to give us direction. Any recommendations would be helpful! ... More

    2 people like this.
  • Profile Picture

    Contact Info for World Check

    This message was posted by a user wishing to remain anonymous We just completed an acquisition of a bank that uses World Check and want to begin our DD process. So, if you use World Check, would you provide your contact name, phone and email. Thank ... More

  • Profile Picture

    Suppliers providing COTS Software

    This message was posted by a user wishing to remain anonymous Good day Community! I am in need of some suggestions or recommendations. We are currently looking to enhance our Information security due diligence for suppliers providing us with software. ... More

    1 person likes this.
  • This sounds very similar to our "partner" program. Prior to the creation of our TPRM team, there was no governance around these relationships. But now, we perform the actions Hilary called out: we have a direct contract with the partner, we perform ... More

  • Profile Picture

    Procedure template

    Would anyone provide a template for your company's procedures? More

  • I've taken 3 CRVPM certification courses from Mick Kless at Compliance Education Institute, LLC. He's also got courses specific to certain things, like contract negotiation, compliance, etc. They recently added a certification course called Certified ... More

  • Hello-- I am interested if anyone is utilizing a service for Know-Your-Customer (KYC) and would have any recommendations. Thanks, Aaron Sparks More

  • Does anyone have a due diligence document checklist that they would be willing to share, that is tailored by vendor type or criticality? More

    1 person likes this.
  • This message was posted by a user wishing to remain anonymous How are other insurance companies handling Claims regarding their TPRM process? Interested in what is in scope, out of scope, and the criteria used to determine this along with any rationale. ... More

  • Hi TPRM Colleagues - Just reaching out to see if your organization uses a service provider to conduct financial and reputational reviews to support supplier due diligence and ongoing monitoring. If so, it would be very helpful to know who ... More

  • Profile Picture

    Exit Plans

    This message was posted by a user wishing to remain anonymous Do you have documented exit plans for your vendors? If so, how are you documenting those and what are you including in the documents? We are planning to start with critical vendors and have ... More

  • Hi Michelle, We outsource the periodic (and sometimes initial) reviews for all of our Critical and some of our Significant vendors each year to the company we use for our ERM Suite, (which includes Vendor Management). They collect and review documentation ... More

  • With our BaaS opportunities and working with a company based out of Sweden, they have advised that DORA and SOC2 are similar and I am seeking any guidance on this topic from this community. We read that EY consultants met with leaders from the Swedish ... More

  • Posted in: Reporting

    Hi all, Could anyone share TPRM escalation matrix template. Which will cover both internal (TPRM team) & external (Vendor) escalation matrix. Thanks in advance. - Srinivasa More