One of the first activities in the third-party risk management lifecycle is completing an inherent risk assessment to identify the different types and levels of inherent risk and whether the vendor is critical to your operations. This process must be thorough to generate an accurate risk rating. Learn steps to complete an inherent risk assessment and learn potential questions to ask through the complementary sample vendor questionnaire.