We are in the process of signing on with an Executive Recruiting Vendors. It will most likely be a very limited use, as it will only be used for executive recruiting.
My question is, in the past these firms were out of scope for us. Should we change that?
How do we add them to venminder? I really don't think they should be added to our vendor list, but I want to know what the community thinks.
You will want to consider reputational risk, onboarding risk.
Deidra's reply is a sound path to consider.
Offer, also consider what external controls are related to the engagement that would need to be assessed.
If there are controls outside the Org that present inherent risk that are outside tolerance; here, it would be on my Third-Party Registry as there would be the need for continuous due diligence for the life cycle of the engagement.
We have vendors that have no access to member information, but we want to track the contract such as consultants. So, we add them as Exempt, from Due Diligence, and enter the contract information. So far it has worked out pretty well.
Hope this is helpful.
We don't use Venminder, but do the same within our system. We also track our branch leases this way, so we know when they are up for renewal, expire, etc. It works out nicely.