Cost is not a risk factor, however risky vendors can cost!. For example: A vendor that we spend $2k with that has a ton of PII, could have poor controls, which could lead to "bad" things which could cost your company mare than just the $2k you spend with them.
Pam Streifel, SILA-F
Ethics & Compliance, Third Party Risk Management
Allianz Life Insurance Company of North America | www.allianzlife.com
Allianz. For all that's ahead.
Original Message:
Sent: 3/9/2023 3:27:00 PM
From: Jen Wheeler
Subject: RE: Cost Consideration for Criticality
We were using a cost consideration. It had been previously set at $100k, but we bumped it to $250k last spring. Now after some internal changes, we just tossed it out altogether, which I was not 100% in favor of to be honest.
Original Message:
Sent: 03-09-2023 01:31 PM
From: John Swenson
Subject: Cost Consideration for Criticality
We currently do not use a monetary threshold for our critical vendors.
Original Message:
Sent: 03-09-2023 01:04 PM
From: Anonymous Member
Subject: Cost Consideration for Criticality
This message was posted by a user wishing to remain anonymous
In addition to the standard criticality considerations (operational disruption, customer impact, etc.) our organization will also consider a vendor critical if the initial investment or annual commitment is over a certain dollar threshold. Is anyone else employing this methodology or does anyone see any concerns with this approach?
Thank you