Home

Search the Third-Party Risk Management Community

Popular Search Topics: SOC Documents, BCP, Another

Latest Topics

Latest Discussions

  • RE: Vetting SaaS Vendors

    By: Christine Kitamura , 13 hours ago
    Posted in: Information Security

    I'm glad my answer was helpful! The CAIQ I mentioned before is designed to assess the security controls of all three providers – SaaS, IaaS, and PaaS. The questionnaire contains yes/no questions, which makes it easy to determine whether the ...

  • RE: Suppliers providing COTS solutios

    By: Mandy de Kock , 14 hours ago
    Posted in: Information Security

    Good day Jamie, Thank you for this insightful information - much appreciated! What we attempt in our assessment (my team is only responsible for the Security assessment aspect) we have the basic questions in terms of Security posture, policies, ...

  • RE: Vetting SaaS Vendors

    By: Anonymous Member , 14 hours ago
    Posted in: Information Security

    This message was posted by a user wishing to remain anonymous Thank you for this insightful information Christine! How would you recommend vetting for IaaS and PaaS supplier (only in terms of the Security Controls)? Anyone in the community ...

  • RE: Vetting SaaS Vendors

    By: JOSE Morales , yesterday
    Posted in: Information Security

    Michael, please see the HECVAT (Higher Education Cloud Vendor Assessment Tool) that's used by Universities to assess cloud vendors. These questions apply to any cloud vendor. Here's the link: Higher Education Community Vendor Assessment Toolkit ...

  • RE: Broker Due Diligence

    By: Larry Timmins , yesterday
    Posted in: Due Diligence and Ongoing Monitoring

    Hi there, By "Bank", it is correct to assume sub-prime mortgage bankers/lender is what you mean by "non-traditional bank"? I managed a web-based inter-business hosted lead and application tracking solution (in 1996, we didn't call it a ...

Upcoming Webinars

Getting Involved in the Community

Most Active Members

Most Popular Communities

community-icon1.png

Topic Communities

Join a community dedicated to an area of third-party risk including contracts, infosec, risk assessments, policies, and more.

 

community-icon2.png
Special Interest Communities

Network with others who are running very mature or complex programs at their organizations that require a unique way of thinking. 

community-icon3.png
Product Communities

Meet, connect, and network with other users using the same third-party risk tool as you - get support and share new ideas and best practices.

community-icon1.png

Resources Library

Download the latest guides, infographics, samples, whitepapers, checklists, and more that can help guide you through best practices on third party risk.

Visit Resources

community-icon2.png
Live Webinars

Register and join live webinars to learn current trends and best practices from knowledgeable experts. Free CPE eligible webinars.

Register Now

community-icon3.png
Venminder Academy

Make sure to sign up to our notification list and be one of the first to know about our self-paced eLearning courses.

Get Notified

Explore the Venminder Platform