This message was posted by a user wishing to remain anonymous
I am responsible for vendor management at a smaller, local bank. We use some large scale vendors, particularly in IT, to help us compete with our larger competitors. However, I am having a hard time reviewing these vendors (Microsoft & AWS to name a few) because they will not give me all the due diligence I request. How can I still complete my review if I cannot review all of the documents I need?
My initial thought is to create an issue for all of the missing documents, assign it to the business unit leader, and have that person accept the risk. Are there any other ideas?