Skip main navigation (Press Enter).

Risk Assessments

View Only

Ncontracts State of TPRM 2026

Back to discussions

Expand all | Collapse all

Vendor Research - Enforcement Action

Ashley Markwick02-07-2025 02:21 PM

Hi everyone! Currently, as part of our risk assessment/due diligence we research vendors via the following: ...

Rich Sanders02-07-2025 02:27 PM

From more of an IT view: Virustotal can see if any security vendors have flagged a vendor's URL as ...

1. Vendor Research - Enforcement Action

Like
Ashley Markwick
Posted 02-07-2025 02:21 PM
Hi everyone!

Currently, as part of our risk assessment/due diligence we research vendors via the following:

Better Business Bureau

CFPB

FTC

Google

Vendor's website

Vendor references

OFAC checks

I am interested to learn what other organizations are utilizing to research their vendors for complaints and enforcement actions. Please share your resources.

Thank you!

Ashley M.

Risk and Compliance Rep
2. RE: Vendor Research - Enforcement Action

Like
Rich Sanders
Posted 02-07-2025 02:27 PM
From more of an IT view:
Virustotal can see if any security vendors have flagged a vendor's URL as malicious.

https://www.virustotal.com/gui/home/url

NIST's National Vulnerability Database can be helpful to see if any of the vendor's offerings have vulnerabilities reported.

https://nvd.nist.gov/vuln/search

Powered by Higher Logic

Global message icon