Hi, we do assessments based on the inherent risk rating of High every year, medium every 2 years and low every 3 years. The category managers are responsible for going in an initiating the assessment. I like to provide my category managers a risk assessment schedule, as that will help them plan on what assessments are coming up so they can manage their portfolio better.
Hope this helps :)
Original Message:
Sent: 04-08-2026 02:12 PM
From: Tracy Quick
Subject: Ongoing Risk Assessments
How are you all doing your ongoing Risk Assessments within Venminder? Are you just having product managers go in and do new Risk Assessments every year/two years/etc. based on the risk rating? We are wanting to implement ongoing reviews, but we have a lot of vendors so doing new risk assessments every year for so many vendors is seeming unwieldy - has anyone come up with a better way?
-------------------------------------------