Home

Latest Discussions

  • Profile Picture

    RE: Risk assessments on non-vendors? What is a "Vendor"?

    By: AJ Galusha , 5 days ago
    Posted in: Risk Assessments

    We have a questionnaire that is asked of every vendor. But for low level vendors such as facility care we base it in part on building access. Do they have a badge and are they authorized to be ...

  • Profile Picture

    RE: Risk assessments on non-vendors? What is a "Vendor"?

    By: Kate Wakefield , 5 days ago
    Posted in: Risk Assessments

    The HVAC company incident was Target in 2014: https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/ Kate Wakefield CISSP, CIPT, MPA Sr. Manager Security ...

  • Profile Picture

    RE: Risk assessments on non-vendors? What is a "Vendor"?

    By: Erik Goucher , 5 days ago
    Posted in: Risk Assessments

    Thank you for the insight Dave!

  • Profile Picture

    RE: Risk assessments on non-vendors? What is a "Vendor"?

    By: Dave Howe , 5 days ago
    Posted in: Risk Assessments

    It's a tricky path you ask about. Technically, a vendor is anyone you pay in order to receive goods and/or services. There are high profile cases where vendors that seemed to be below ...

Upcoming Webinars

Trending Discussions

  • Profile Picture

    Risk assessments on non-vendors? What is a "Vendor"?

    By: Erik Goucher , 5 days ago
    Posted in: Risk Assessments

    Hello, When do you know if you should perform a risk assessment on a vendor? How do you know it qualifies/does not qualify as a "vendor"? It feels counterproductive to perform a risk assessment ...

  • Profile Picture

    Risk assessment

    By: Payal Bhojwani , 10 days ago
    Posted in: Risk Assessments

    Hi All, Happy New Year! Is there a list of services outsourced by a financial institution which is out of scope for risk assessment like telephone and utility bills,statuatory and regulatory ...

Most Recent Announcements

  • Seeking Your Input - Annual TPRM Survey!

    By: Brittany Padgett Brittany Padgett , one month ago
    Hi Community Members, We’re looking for your valuable input! Venminder is conducting their annual survey for the State of Third-Party Risk Management 2021 whitepaper and we’re hoping you may have 5 minutes to spare to help out and take the survey. The complimentary whitepaper will be released in early January and will provide you with industry trends and data that you can use to compare your own ... More

  • Community Update - 1,000 Members

    By: Brittany Padgett Brittany Padgett , 6 months ago
    Hi Everyone, I want to share some very exciting news with you all. We have reached 1,000 community members! This is a milestone we’re very proud of and it’s all thanks to the fantastic third-party risk conversations you all are having every day. As always, please let me know if you have any thoughts or feedback on ways that we can improve the community. In the meantime, here are some links ... More

Communities Built For You

community-icon1.png

Topic Communities

Join a community dedicated to an area of third party risk including contracts, infosec, risk assessments, policies and more.

 

community-icon2.png
Special Interest Communities

Network with others who are running very mature or complex programs at their organizations that require a unique way of thinking. 

community-icon3.png
Product Communities

Meet, connect and network with other users using the same third party risk tool as you - get support and share new ideas and best practices.

Learning Center

community-icon1.png

Resources Library

Download the latest guides, infographics, samples, whitepapers, checklists and more that can help guide you through best practices on third party risk.

Visit Resources

community-icon2.png
Live Webinars

Register and join live webinars to learn current trends and best practices from knowledgeable experts. Free CPE eligible webinars.

Register Now

community-icon3.png
Venminder Academy

Coming in 2020! Don't miss out - make sure to sign up to our notification list and be one of the first to know about our self-paced eLearning courses.

Get Notified

Learn more about the Third Party ThinkTank Community

learnmore-image-300.png

The professionals who take on the job of third party risk ensure the right steps are taken to protect their organizations from vendor risks and avoid costly regulatory enforcement actions. While risk comes in many forms - a good third party risk management program can help address financial, reputation, credit, operational risk and much more during the business lifecycle. 

This dedicated and free community is open to those involved in or running third party risk management programs at their organization. Inside you have the opportunity to network, share stories, ask questions, give advice and gain access to a vast library of educational content, webinars and training opportunities. 

Learn More   GETTING STARTED

Most Active Members

Latest Articles

  • What to Have Available for Vendor Management Examiners

    23 hours ago
    The best strategy for preparing for an examination is vigilance. Vigilance in the third-party risk world means you’re always prepared and ready to answer any auditor's or examiner’s document request well ahead of time. By keeping everything up to date, you avoid the crush to meet your examiner’s deadlines.

  • Why Cybersecurity Professionals Are Important in Vendor Management

    yesterday
    While cybersecurity has been more critical than ever since we decided to move all our business operations online, there has perhaps been no greater reminder just how important it is to safeguard our sensitive data than the calamities we lived through in 2020. Bad actors scamming everyone they can, data thieves stealing intellectual property and identity thieves hard at work while the rest of the world has scrambled to adjust to drastically different working and living conditions.

  • SolarWinds Data Hack Is a Reminder Why Third-Party Risk Management Is Important

    3 days ago
    As third-party risk professionals, we’re all too familiar with data breaches and bad actors. And, when a really nasty one occurs, especially one that could potentially threaten national security, we feel the effects alongside the rest and are strongly reminded why third party-risk management is so important.
View More