Unanswered Questions

  • Profile Picture

    Risk Appetite Statements

    This message was posted by a user wishing to remain anonymous Hi All, I'm in the financial services industry and am drafting our TPRM risk appetite statements. I've designed our approach so that it is very binary (go/no-go) pre-onboarding for new ... More

  • Profile Picture

    Sample Health Plan Risk Assessment

    Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous Our health plan is working on maturing our vendor management program and would appreciate seeing any examples of inherent/residual risk assessments being used by other health plans. Thank ... More

  • Profile Picture

    Contract Management Checklist

    Posted in: Contract Management

    This message was posted by a user wishing to remain anonymous Good Morning, I am reaching out to see if anyone has a contract management checklist that you may be willing to share with me. I just inherited this task and would be grateful for any guidance ... More

  • Posted in: Risk Assessments

    Good Afternoon, I'm curious to hear perspectives on how your TPRM program treats third-party technology installed on-premise/on-site, versus a hosted or SaaS type relationship. We designed our risk assessment to elevate the risk of technology engagements ... More

  • Profile Picture

    Template for certification

    Posted in: Risk Assessments

    This message was posted by a user wishing to remain anonymous I am looking to upgrade our program and it's documentation. Does anyone have a document template that they are using and would be able to share that indicates if you have either passed or ... More

  • Profile Picture

    Non doemstic Fingerprinitng

    This message was posted by a user wishing to remain anonymous My company has a need to collect background checks/fingerprinting for nom-domestic SOW workers. We are a financial services firm and are currently manually processing fingerprints. I was wondering ... More

  • Profile Picture

    PCI Due Diligence

    Looking for some assistance..... Does anyone have an example or can describe how they incorporate PCI requirements in their initial risk and significance assessment? Besides the PCI DSS AOC, is there any other due diligence documents that you review ... More

  • Profile Picture

    VM with NRIM

    Hello Douglas Frey, I am interested in attending. Thanks! More

  • Hi Everyone, I work for Delaware North in Buffalo, NY, and we are a private hospitality and food service company focused on airports, parks, sporting events, restaurants, and gaming. I have 23 years of experience in banking and risk, but I'm now developing ... More

  • Posted in: Contract Management

    Is there anyone in the Scottsdale, AZ or Indianapolis, IN areas that could recommend their cleaning and shred vendors? More

  • Hi everyone, Hope all well! I remember there was a discussion happened sometime bk for creating a group of Third party risk management professionals from Non Banking sector.If the group is made please can someone add me in it.Thanks! Regards, Paya ... More

  • Profile Picture

    Request For Proposal Template

    This message was posted by a user wishing to remain anonymous Do any of you have a generic template for requesting RFP's? More

  • Posted in: Regulations

    Hi All I would like to understand how the below policy can be implemented for Third parties, what is the current practise. https://www.legislation.gov.uk/ukdsi/2015/9780111138847#:~:text=Section%2054%20of%20the%20Modern,by%20the%20Secretary%20of%20State ... More

  • Profile Picture

    Reg E: Requiring Autopay on Debt Settlements

    Posted in: Regulations

    This message was posted by a user wishing to remain anonymous I wanted to gather some thoughts from this community regarding Regulation E and recurring autopay. Abundantly aware a bank cannot require borrowers to set up recurring autopay on a loan. ... More

  • Profile Picture

    RPF

    Posted in: Contract Management

    Good Evening! Does anyone have any examples of RPFs you have in place and use? Thanks! More

  • Profile Picture

    New Low Risk Vendor Sample Questionnaire

    This message was posted by a user wishing to remain anonymous I am wondering if any one has a sample of a good questionnaire to create for when we are onboarding a new Low Risk vendor in venminder? Any information that you can shared will be greatly ... More

    3 people like this.
  • This message was posted by a user wishing to remain anonymous We have a customer that contracted with a third party to obtain security risk assessments from all the customer's technology vendors. We are one of their technology vendors so we just received ... More

    1 person likes this.
  • Profile Picture

    Wire confirmation/call back systems

    Posted in: Contract Management

    This message was posted by a user wishing to remain anonymous I work in a consulting type role and support various Private Equity firms with best practices around vendor management (and other operational topics). One of these firms has about 8,000 vendors ... More

  • It seems that the majority of people that are active on this forum work at banks. Working at a FinTech company that supports banks by providing a Mobile Banking Platform, our regulations and requirements (and possibly best practices) are different. ... More

  • Good morning. A public comment period is open for proposed SEC rules to enhance cybersecurity programs. It appears SEC follows path of NY DFS risk-based Cybersecurity requirements, but this time for investment firms, advisors and business development ... More