This message was posted by a user wishing to remain anonymous
The frequency in which you review vendor due diligence depends on your TPRM Program specifications. For low or moderate risk vendors, it is not necessary to run a background check annually so long as initial due diligence was complete.
Our organization reevaluates low-moderate risk vendors every 2-5 years, or whenever there is a change in the service agreement.
Original Message:
Sent: 05-15-2023 06:25 PM
From: Anonymous Member
Subject: Vendor Background Check
This message was posted by a user wishing to remain anonymous
Should we do a vendor background check for existing vendors annually or only when engaging with the vendor?