Latest Discussions

  • I am interested in finding out if anyone has developed an incident report that you use when a third-party has reported to you that a cyberattack/data breach has hit their systems? Is there a ...

  • Profile Picture

    RE: FinTech

    Posted in: Exams or Audits

    As a financial institution, our Bank has been onboarding many FinTech Partnerships. The OCC supplemental bulletin 2017-7 (I believe) regarding FinTechs recommends the same third-party processes ...

    1 person likes this.
  • Profile Picture

    RE: Risk Register

    Posted in: Risk Assessments

    Sheila, I hope I'm not too late to the party to share a thought. I have a couple recommendations for monitoring and tracking QOS. First, I recommend you build a QOS Questionnaire within your ...

  • Posted in: Reporting

    Our survey will be out soon but typically, we have found that approx 10% of the vendors come out as Critical and about 20% as High risk... based on not only our survey but also many conferences ...

Trending Discussions

  • Profile Picture

    RE: GLBA help...

    Yes as part of our onboarding and/or periodic review process, the due diligence package for all cloud vendors or Critical/High rated vendors requires a SOC to be collected and reviewed by our ...

  • Profile Picture


    This message was posted by a user wishing to remain anonymous I'm interested in knowing how others are handling CCPA requirements. Do you take the position that you are not responsible for ...

Most Recent Announcements

  • Happy New Year - We Want Your Feedback!

    Happy New Year ThinkTank members! We hope you've found the community discussions this past year to be enlightening and engaging. As we head into 2020, we want to hear your thoughts and feedback as it'll help us continue to understand what you'd like to see more of in the Third Party ThinkTank Community. What will help you the most?  Feel free to share your thoughts by messaging me directly.  Brittany ... More
  • Community Update - 600+ Members

    Hi Everyone, I wanted to provide an exciting update! The community has now surpassed 600 members and we see wonderful discussions going. We hope you’re finding them valuable. It’s our goal to always provide you a dedicated space to network, collaborate and stay educated. As we continue to grow the community, we would love your feedback. If you ever have any questions or thoughts on changes ... More

Communities Built For You


Topic Communities

Join a community dedicated to an area of third party risk including contracts, infosec, risk assessments, policies and more.


Special Interest Communities

Network with others who are running very mature or complex programs at their organizations that require a unique way of thinking. 

Product Communities

Meet, connect and network with other users using the same third party risk tool as you - get support and share new ideas and best practices.

Learning Center


Resources Library

Download the latest guides, infographics, samples, whitepapers, checklists and more that can help guide you through best practices on third party risk.

Visit Resources

Live Webinars

Register and join live webinars to learn current trends and best practices from knowledgeable experts. Free CPE eligible webinars.

Register Now

Venminder Academy

Coming early 2020! Don't miss out - make sure to sign up to our notification list and be one of the first to know about our self-paced eLearning courses.

Get Notified

Learn more about the Third Party ThinkTank Community


The professionals who take on the job of third party risk ensure the right steps are taken to protect their organizations from vendor risks and avoid costly regulatory enforcement actions. While risk comes in many forms - a good third party risk management program can help address financial, reputation, credit, operational risk and much more during the business lifecycle. 

This dedicated and free community is open to those involved in or running third party risk management programs at their organization. Inside you have the opportunity to network, share stories, ask questions, give advice and gain access to a vast library of educational content, webinars and training opportunities. 


Latest Articles

  • Your plate is full. Your third party risk management team is falling behind and struggling to keep up with the volume of work, more so than ever now, as there’s such a regulatory emphasis on the ongoing monitoring nature or lifecycle approach to vendor risk management.
  • In third party risk management, each passing year provides more unique perspective. In 2019, there was certainly a strong focus on data security, clarifying unclear regulations – like “abusive” in Unfair, Deceptive, Abusive Acts or Practices (UDAAP ) – and more. And, there were absolutely a few lessons learned.