Here is the contract language I use as a starting point for third party contracting. I pull some of the language in or out based on the nature of the good/service being provided: Due Diligence. X shall have the right at its sole discretion, ...
Hello - Does anyone have contract language that can be shared for supplier contracts regarding due diligence requirements? Much appreciated! Thank you, Mollie
Hi Natalia, GM ongoing monitoring (OGM) frequency is set on inherent risk. It is consistent, unless the service changes. Also Residul Risk is a snap shot of control strength and controls are dependent on people, budgets, technology and a ...
We base our ongoing monitoring on two key factors, the vendor type (also known as category and/or tier) = critical, significant conventional and the residual risk = low, moderate, substantial or high. A critical third party provider with high ...
Hi, Here are some suggestions I wanted to share with you regarding assessing number of complaints and identifying red flags: Industry/volume dependency – The larger the industry, the larger the vendors or players in the marketplace. ...
Join a community dedicated to an area of third-party risk including contracts, infosec, risk assessments, policies, and more.
Network with others who are running very mature or complex programs at their organizations that require a unique way of thinking.
Meet, connect, and network with other users using the same third-party risk tool as you - get support and share new ideas and best practices.
Download the latest guides, infographics, samples, whitepapers, checklists, and more that can help guide you through best practices on third party risk. Visit Resources
Register and join live webinars to learn current trends and best practices from knowledgeable experts. Free CPE eligible webinars. Register Now
Make sure to sign up to our notification list and be one of the first to know about our self-paced eLearning courses.Get Notified