Venminder has a team of due diligence experts who can significantly reduce your vendor management workload. Venminder also has a software solution to organize, track and report findings to Senior Management, the Board of Directors and, ultimately, the examining bodies.
Why Third-Party Risk Management Matters in a Struggling Economic Climate
The economy has faced many challenges the past few years, from the pandemic, supply chain issues, ongoing global wars, and others. These events present many challenges for organizations and their looking to cut costs. As a result third-party risk management teams are on the chopping block.
1/24/2024 • 6 minutes, 21 seconds
Interview: Andrew Moyad, CEO of Shared Assessments
In this interview, Andrew discusses how cyber insurance is important for your third-party risk management program, what it generally covers, what it doesn't cover, and more.
1/17/2024 • 52 minutes, 37 seconds
Third-Party Risk Management Recommendations for 2024
In this informative podcast, learn 4 key recommendations to implement in your third-party risk management programs to mitigate and manage vendor risk this upcoming year.
12/27/2023 • 5 minutes, 13 seconds
Third-Party Risk Management Takeaways From 2023
In this podcast, we'll reflect back on what's been happening in the world of third-party risk this year. We've included five takeaways, from AI to the fall of Silicon Valley Bank. Listen now!
11/29/2023 • 5 minutes, 30 seconds
Interview: Tom Rogers, Founder and CEO at Vendor Centric
Throughout this interview, Tom Rogers defines the characteristics that make up a fourth-party vendor and uncovers the steps to manage them. Listen to this interview to learn about fourth party due diligence, regulations, and best practices.
11/16/2023 • 16 minutes, 20 seconds
Drafting Cybersecurity Requirements Into the Vendor Contract
Learn best practices that should be included in your third-party risk management program to ensure you keep your organization protected from data breaches and other cybersecurity incidents.
10/18/2023 • 4 minutes, 44 seconds
Manage Large Vendors Successfully in Your Third-Party Risk Management Program
Partnering with a large well-known vendor can prove to be beneficial. However, in some instances larger vendors can be more difficult to effectively manage. Learn the essential tips and best practices to mitigate vendor risk with your large vendors.
9/28/2023 • 5 minutes, 45 seconds
Interview: Mike Morris, Principal at Wipfli
Throughout this interview, Mike Morris Highlights the SEC Proposed Outsourcing Rule and it's impact on vendor risk management. Listen to learn answers to common questions, tips and suggestions, as well as a general overview of the SEC Proposed Outsourcing Rule.
9/22/2023 • 25 minutes, 47 seconds
Board Oversight in Third-Party Risk Management and Regulatory Exams
Regulatory examiners have distinct expectations when it comes to the boards involvement in third-party risk management. Listen to learn the board's place in regulatory exams, and how you can lend a helping hand.
8/23/2023 • 5 minutes, 3 seconds
Leverage Resources for Increased Third-Party Risk Management Value
Although your organization may have limited resources for your third-party risk management program, you don't have to fall behind. Even smaller teams can manage the complex and interrelated processes involved in TPRM by using software.
7/19/2023 • 5 minutes, 25 seconds
Tips to Improve Collaboration With Vendor Owners
Collaboration with vendor owners involves a lot of day-to-day activities, spanning across the three stages of the third-party risk management lifecycle. This podcast outlines useful tips that can improve collaboration between your third-party risk management team and your vendor owner.
6/28/2023 • 3 minutes, 51 seconds
Identifying and Documenting Third-Party Risk Management Issues
No matter the vendor, there may be issues that arise at any point in the vendor relationship. In this podcast, learn examples of third-party risk management issues you may encounter.
5/17/2023 • 4 minutes, 14 seconds
Mitigate Supply Chain Risk With Third-Party Risk Management Best Practices
Effective third-party risk management can help your organization mitigate supply chain risk. Natural disasters and cyberattacks are just two examples of business disrupting events. This podcast outlines four examples of TPRM can help you mitigate supply chain risk.
4/18/2023 • 3 minutes, 44 seconds
Vendor Financial Importance in Today's Business Climate
In today's business climate vendor financial health monitoring is important. There are several factors to consider when reviewing vendor financial health including, inflation, political instability, and more.
3/22/2023 • 5 minutes, 49 seconds
6 State Of Third-Party Risk Management Highlights For 2023
After conducting our State of Third-Party Risk Management Survey in November of last year, we've analyzed the results and found six highlights that you should pay close attention to this upcoming year.
2/22/2023 • 6 minutes, 34 seconds
The Value of On-Site Vendor Visits
Even in today's increasingly remote working environment, you need to perform on-site vendor visits. In this podcast, we'll highlight 6 reasons on-site vendor visits are a valuable part of your due diligence practice.
1/18/2023 • 6 minutes, 13 seconds
6 Third-Party Risk Management Best Practices for 2023
For many, 2022 was a challenging year. From supply chain disruptions to regulatory updates, and the threat of malicious actors. In this podcast, learn six TPRM best practices to bring into 2023.
12/14/2022 • 4 minutes, 45 seconds
5 Advantages of Outsourcing Third-Party Risk Management Tasks
TPRM involves many activities that can take up a lot of your team's times and resources. In this podcast, learn 5 advantages of outsourcing your third-party risk management tasks.
11/15/2022 • 4 minutes, 10 seconds
How to Safeguard Your Organization From Third-Party Cyber Risk
Protecting your customers' sensitive information is important. It's important to understand the weaknesses and risks associated with your vendors. In this podcast, learn how to safeguard your organization from third-party cyber risk.
10/12/2022 • 2 minutes, 19 seconds
4 Best Practices for Critical Vendor Contract Management
When dealing with your critical vendors, it's necessary to ensure that all parties know what is expected of them and what the dealbreakers are in the relationship. Learn 4 best practices of critical vendor contract management in this podcast.
9/7/2022 • 2 minutes, 27 seconds
How to Create a Vendor Risk Management Program for a Health Organization
Keeping the patient proactive care model in mind when considering third-party risk management is important. This podcast highlights 4 steps to take in creating a TPRM program for a health organization.
8/10/2022 • 1 minute, 36 seconds
How to Prepare Your Vendors for ESG Disclosures
Although there is still limited legislation on mandatory ESG disclosures, regulators are continuing to address issues like climate change and modern slavery. This podcast highlights three ways you can help your vendor prepare for ESG disclosures.
7/20/2022 • 2 minutes, 23 seconds
4 Exit Strategies for Offboarding a Vendor
Having an exit strategy in case your vendor relationship must come to an end is crucial. When faced with offboarding a vendor, you'll want to avoid any surprises. Learn 4 exit strategies in this informational podcast.
6/8/2022 • 1 minute, 44 seconds
3 Frequent Mistakes Regarding Vendor Financials
Vendor financial health includes many factors that your organization should be cognizant of and reviewing accordingly. This podcast highlights three mistakes to avoid and ensure there is comparability and consistency across your vendor financial reviews.
5/18/2022 • 1 minute, 55 seconds
The Stages in the Third-Party Risk Management Lifecycle
There is a beginning and end to every third-party relationship. In this informative podcast, you’re going to learn the stages of the third-party risk management lifecycle and a little about each one.
4/26/2022 • 2 minutes, 5 seconds
How to Mitigate Vendor Risk
Mitigating vendor risk is an important component of your third-party risk management program to ensure that your overall business operations can continue on. This podcast highlights what you need to do to mitigate vendor risk.
3/16/2022 • 2 minutes, 13 seconds
Top 4 Third-Party Risk Management Trends
Venminder's State of Third-Party Risk Management survey highlighted the top 4 trends for TPRM in 2022. Listen to this podcast to learn what they are.
2/16/2022 • 2 minutes, 13 seconds
3 Vendor Management Best Practices for 2022
2022 is sure to be full of uncertainties and challenges for vendor management. Listen to this podcast that highlights 3 best practices to follow this year.
1/12/2022 • 1 minute, 48 seconds
3 Third-Party Risk Management Lessons Learned in 2021
This podcast highlights three main third-party risk management lessons in 2021. Listen on to learn how your organization can use these lessons to prepare for 2022.
12/8/2021 • 2 minutes, 16 seconds
4 Tips for Building a Third-Party Risk Management Program
Tune in to our latest podcast to learn four tips to build a successful third-party risk management program. What to include, who's involved and more.
11/10/2021 • 1 minute, 44 seconds
What to Review in a Third-Party Incident Response Plan
In this podcast you will learn the four things to review in a third-party incident response plan and understand how your vendor will respond to an incident when it happens.
10/13/2021 • 2 minutes, 6 seconds
Interview: Michael Kossman, Chief Operating Officer and Chief Compliance Officer at Aspiriant
Throughout this interview Michael highlights the importance of third-party risk management, the challenges his firm faced when implementing a TPRM program and best practices for board and senior leadership involvement in third-party risk management.
10/6/2021 • 27 minutes, 10 seconds
What Is a Vendor Confidentiality Agreement?
Listen to this podcast to get an understanding of what a vendor confidentiality agreement is and why it's important in third-party risk management strategy
9/15/2021 • 1 minute, 36 seconds
How to Get From Inherent Vendor Risk to Residual Risk
Tune in to this podcast where we explain how to get from inherent vendor risk to residual risk. Learn how to calculate these risks with a quick example.
8/11/2021 • 2 minutes, 7 seconds
Various Types of Vendor Business Continuity and Disaster Recovery Testing
Listen in on this podcast that describes the various types of vendor business continuity and disaster recover testing. Learn the common tests that take place and what you should look for in your results.
7/14/2021 • 2 minutes, 14 seconds
3 Best Practices for Overseeing International Vendors
Listen to this 90 second podcast to learn the best practices for overseeing international vendors. Ensure you are doing your due diligence when vetting, understanding their financial documentation and obtaining references.
6/8/2021 • 1 minute, 50 seconds
What Is Vendor Compliance Risk?
Listen to this podcast to understand the basics of vendor compliance risk, understand the faults of these risks and how to protect your organization.
5/11/2021 • 1 minute, 57 seconds
What Is Third-Party Risk Management?
Understanding third-party risk management can be complex, but it doesn't have to be. Listen to this podcast to understand what third-party risk management is and how it is a valuable asset to your organization.
4/21/2021 • 2 minutes
5 Acceptable Financial Documents if a Vendor Is Privately Held
Learn about acceptable documents to request from your privately held vendors, how to assess their risk, and understand their financial state.
4/14/2021 • 2 minutes, 12 seconds
Who Is Involved in Third-Party Risk Management?
Understanding the key roles involved in third-party risk management is important to you and your organization. Learn their responsibilities and how they fit into your third-party risk management program.
4/6/2021 • 2 minutes, 30 seconds
3 Tips to Avoid a Vendor Fooling You
There are vendor management best practices you should be aware of to help avoid being deceived by a vendor. Listen to this podcast to quickly learn three tips to help you with the process.
3/31/2021 • 1 minute, 29 seconds
4 Tips To Dust Off An Outdated Vendor Management Process
Spring is around the corner and it’s the perfect time to dust off your vendor management program and clean up your processes. This podcast covers some tips that you need to know when improving your approach to third-party risk management
3/10/2021 • 1 minute, 44 seconds
Vendor Due Diligence Fast Facts To Know
Due diligence is a critical step in the vendor lifecycle, and when done properly, can set your organization up for success. Find out how to get started with the process by listening to this week’s podcast that covers fast facts you need to know.
3/3/2021 • 1 minute, 13 seconds
5 Tips for Offboarding Vendors
No one wants to go into a vendor relationship planning for it’s demise – but it happens! If you have a vendor that is no longer meeting your organization’s needs, make sure you listen to this week’s 90-second podcast to hear about how you can successfully offboard one of your vendors.
2/17/2021 • 1 minute, 49 seconds
The Differences Between a Vendor Questionnaire and Assessment
It’s a common misconception that a vendor questionnaire and vendor assessment are the same thing – but they actually have key differences that it’s important you understand. Listen to this podcast to hear more about the differences between questionnaires and assessments and why your organization needs both.
2/10/2021 • 1 minute, 29 seconds
What Is Ongoing Vendor Due Diligence?
Ongoing vendor due diligence, or ongoing monitoring is one of the most important steps in the vendor lifecycle. Find out what you need to know about the process and the key points of ongoing vendor due diligence that you should be aware of in this 90-second podcast.
2/3/2021 • 1 minute, 56 seconds
How to Create Third-Party Risk Management Procedures
Creating and keeping your procedures documentation updated is a key step to achieving vendor management success. Listen to this week's 90-second podcast to help you accomplish this with five creation tips.
1/20/2021 • 1 minute, 33 seconds
7 Unique Vetting Elements for Core Processing Vendors
Are you selecting a core processing vendor? There are some things that you need to make sure you're considering. Listen to this 90-second podcast to learn about the factors you need to keep top of mind.
1/13/2021 • 2 minutes, 4 seconds
Why Vendor Management Is Important
New to third-party risk management? Get back to the basics with a breakdown of what vendor management is and some important tips to help get you started with this 90-second podcast.
1/6/2021 • 1 minute, 46 seconds
4 Main Third-Party Risk Management Updates from 2020
2020 was certainly an interesting year and had major industry updates because of the pandemic. Find out what important lessons you need to be aware of going into the new year so you can be more successful in vendor management.
12/16/2020 • 1 minute, 40 seconds
5 Vendor Risk Management Tasks to Do Before the End of the Year
The end of the year is upon us and there are certain vendor management tasks that must be completed. This 90-second podcast covers a few of the items that you should tackle before the end of the year to be better prepared for 2021.
12/3/2020 • 1 minute, 55 seconds
4 Tips for Gathering Useful Vendor Management Resources
In the spirit of Thanksgiving, we want to help you figure out the best way to gather vendor management resources. Listen to this 90-second podcast that covers some of our useful tips to help you stay on top of new third-party risk management news and resources.
11/18/2020 • 1 minute, 35 seconds
Raking in Vendor Risk Management ROI
Vendor risk management is a necessary investment and it can have a significant ROI for your organization. Listen to this week’s podcast for the top three benefits and ROI you can achieve by investing in third-party risk management.
11/4/2020 • 1 minute, 52 seconds
Scary Consequences of an Incomplete Vendor SOC Assessment
You need to be thoroughly analyzing your vendor’s SOC reports to ensure there is no missing or overlooked information that could negatively impact your organization. Find out what the three scariest consequences that can occur if you have a missing item on your vendor SOC report by listening to this week’s podcast.
10/21/2020 • 2 minutes, 4 seconds
5 Vendor Data Breach Precautions
If one of your vendors falls victim to a data breach, it can have a range of serious consequences for you organization. You can take proactive steps that will help you better protect your customers and reputation from a third-party data breach. Listen to this 90-second podcast for our top five tips.
10/14/2020 • 1 minute, 48 seconds
3 Vendor Information Security Best Practices
Having a strong information security policy is more important than ever with rising cybersecurity risks. Listen to this week’s 90-secnod podcast to understand why you need to evaluate your vendor’s information security procedures and three best practices we recommend for the process.
9/30/2020 • 2 minutes, 1 second
4 Fintech Vendor Management Tips to Meet Regulater and Client Expectations Podcast
In this week’s 90-second podcast, learn the top four expert tips that will help to help fintech organizations more successfully meet their client and regulator expectations.
9/23/2020 • 1 minute, 48 seconds
How to Maximize Your Third-Party Risk Management Budget
You can take specific steps that will help you maximize even the smallest budget for vendor management. Listen to this week’s podcast for the top three tips we recommend to help you make the most of your organization’s budget.
9/9/2020 • 1 minute, 43 seconds
Vendor Oversight Strength Depends on the Contract
If you have well-developed vendor contracts, then you are setting your organization up for success when it comes to vendor oversight. Find out the top three reasons why your vendor contracts directly affect your level of oversight.
9/2/2020 • 1 minute, 58 seconds
Interview: Chris Caputo, External Audit Coordinator at CMG Financial
Chris Caputo, External Audit Coordinator at CMG Financial, shares his thoughts on commonly seen vendor management struggles and how to overcome them. He also dives into the recent industry changes due to the pandemic, what to expect from a regulatory compliance perspective and discusses vendor risk management best practices from an auditor’s perspective.
8/19/2020 • 30 minutes, 7 seconds
Top 10 Vendor Contract Negotiation Tips
To be successful in vendor contract management you have to be effective in your negotiation efforts. To help you better manage this stage in the vendor contract process, listen to this week’s 90-second podcast for the top tips our experts recommend.
8/12/2020 • 1 minute, 54 seconds
5 Next Steps After You Receive a Vendor Contract
Once you receive a vendor contract, there are specific steps that you should take for a more successful process. This 90-second podcast covers the 5 most important steps our experts recommend you're following.
8/5/2020 • 1 minute, 37 seconds
7 Must-Haves for Vendor Management Examiners Right Now
The process of conducting vendor management exams has changed drastically during the pandemic. Whether your exam is conducted in-person or remotely, this podcast covers the 5 most important items you should always have prepared.
7/29/2020 • 1 minute, 44 seconds
Interview: Jenn Wilkinson, VP of Strategic Vendor Management at Cenlar FSB
Jenn Wilkinson, Vice President of Strategic Vendor Management at Cenlar FSB, shares her thoughts on how organizations are currently managing third-party risk and dives deeper into the process of building a vendor management program from the ground up. She also discusses why your program should be tailored to the specific needs of your organization, the importance of having a strong vendor management team and how the recent pandemic has brought third-party risk management challenges for the industry.
7/22/2020 • 23 minutes, 42 seconds
The Hazards of Incomplete Vendor Due Diligence
By not being aware of the hazards of incomplete vendor due diligence, you could be putting your organization at risk. Listen to this 90-second podcast for the most important hazards to know.
7/15/2020 • 2 minutes, 13 seconds
3 Questions to Include in Vendor Information Security Assessment Questionnaires
Asking the right questions in your vendor information security assessment questionnaires can prevent future headaches down the road. Listen to this week’s podcast to find out three important questions we recommend you include in your questionnaire.
6/24/2020 • 1 minute, 47 seconds
What Is Vendor Business Continuity Management?
Understand the basics of business continuity management with this 90-second podcast that breaks down what you need to know about the process.
6/24/2020 • 1 minute, 41 seconds
5 Requests to Always Negotiate into a Vendor Contract
There are important requests you need to include in all of your vendor contract negotiations. These 5 will help set your organization up for success. Find out what they are by listening to this podcast.
6/24/2020 • 2 minutes, 2 seconds
Handling Problem Vendors
Listen this roundtable discussion to hear from three third-party risk management experts as they share their thoughts on handling problem vendors who won't play nice in the sandbox.
6/2/2020 • 25 minutes, 57 seconds
5 Signs It's Time to Augment Third-Party Risk Staff
With so many different components and responsibilities involved in third-party risk management, organizations may not have the internal capabilities to properly manage every step of the process. Listen to this podcast to learn how to determine if your organization could benefit from outsourcing vendor management support.
5/27/2020 • 2 minutes, 10 seconds
7 Steps to Take When You Have a Vulnerable Vendor
You should be proactively taking steps to mitigate risks posed by potentially vulnerable vendors. This podcast covers seven steps you can take to ensure your organization is safe against vulnerable vendors.
5/20/2020 • 2 minutes, 13 seconds
Understanding Vendor Cybersecurity Posture with the CIA Triad
There are three key components of information security that you should monitor when analyzing your vendor’s information security strength. These components are known as the CIA Triad and the foundation for strong vendor cybersecurity posture. Listen to this 90-second podcast to understand the CIA Triad.
5/13/2020 • 2 minutes
10 Quick Signs Your Vendor's Financial Performance Is Declining
Monitoring your vendors and their financial performance is more important than ever with the current pandemic. Protect your organization by looking out for the 10 signs covered in this 90-second podcast that will indicate your vendor's financial performance is declining.
5/6/2020 • 1 minute, 51 seconds
5 Vendor Pandemic Planning Takeaways Learned from COVID-19
The recent pandemic is an important reminder that no organization is immune to business impacting events. To be better prepared for future situations similar to COVID-19, use these 5 takeways for third-party risk management.
4/29/2020 • 2 minutes, 10 seconds
What to Know About the FDIC Fintech and Third Parties Guide
There are specific third-party risk management regulatory requirements for banking and fintech organizations. Listen to this week's 90-second podcast to learn what you need to know about the FDIC guide for vendor risk management.
4/22/2020 • 2 minutes, 38 seconds
3 Constant Requirements in the Vendor Lifecycle
Each step in the vendor management lifecycle a unique process and recommended best practices. However there are 3 requirements that you should maintain throughout the entire cycle. Listen to this week's 90-second podcast to learn what they are.
4/8/2020 • 1 minute, 51 seconds
5 Next Steps After the Vendor Management Exam Concludes
While preparing for a vendor management exam is a crucial step in the process, how you follow-up after the exam is equally as important. Listen to this week’s 90-second podcast that will cover the 5 next steps you should be taking after a vendor management exam concludes.
4/1/2020 • 1 minute, 54 seconds
4 Ways to Optimize Ongoing Vendor Oversight
Ongoing oversight of your vendors is a key component of successfully managing third-party risk. By periodically conducting due diligence you will be able to ensure your vendors are still meeting your organization’s needs. This 90-second podcast covers 4 tips that will help get you started.
3/18/2020 • 2 minutes, 1 second
Overview of the 7 Pillars of Vendor Management
There are 7 fundamental elements of a strong vendor management. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third-party risk program.
3/11/2020 • 1 minute, 30 seconds
4 Underlying Reasons Why Vendor Financial Reviews Are Critical
Does your organization understand your vendor’s financial viability and performance? If not, it’s important that you start. Here are 4 reasons why your vendor’s financial performance is crucial for your organization to report on.
3/4/2020 • 1 minute, 37 seconds
4 Tips to Help Make Vendor Management a Priority
Proper vendor risk management is important to meet regulatory guidelines and is a critical component to your organizations’ overall success. Listen to this podcast for 4 steps you need take in order to make third-party risk a key priority in your organization.
2/18/2020 • 2 minutes, 7 seconds
Who, What And Why Of A Vendor Risk Appetite Statement?
Do you need help getting started determining what your vendor risk appetite is? This podcast breaks down the common questions you may have when it comes to determining what your organization’s risk appetite is.
2/12/2020 • 2 minutes, 16 seconds
6 Tips for a Strong Vendor Management Program
Your vendor management program should be specific and unique to your organization’s needs. To help you be more successful, listen to the 6 best practices covered in this podcast for creating a solid third-party risk program.
2/5/2020 • 1 minute, 55 seconds
Understanding Initial Vendor Due Diligence
Initial due diligence is important for a few important reasons. Listen to this week’s podcast to break down what initial due diligence is, and why your organization should incorporate it into your vendor management program.
1/29/2020 • 1 minute, 36 seconds
The 6 Primary Categories Of Vendor Risk
Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.
1/22/2020 • 1 minute, 57 seconds
4 Similar Yet Different Vendor Management Concepts
Vendor management, enterprise risk management, vendor risk management and third party risk management each have a different meaning. Each concept brings varying components to an organization’s overall structure. Listen to this podcast to dive deeper into each concept.
1/8/2020 • 1 minute, 58 seconds
5 Next Steps To Address Repeat Vendor SLA Failures
When your vendor is repeatedly failing to meet the SLA requirements outlined in your contract it can have negative consequences on your organization. Use the 5 steps covered in this podcast to help you navigate how to manage vendor SLA failures.
12/31/2019 • 1 minute, 36 seconds
7 Steps to Take If It’s Time for a New Vendor in 2020
If your vendor is no longer meeting your organization’s needs, it may be time to start searching for a new vendor. Listen to this week’s 90-second podcast for 7 steps you should be taking if you think it’s time for a new vendor in 2020.
12/18/2019 • 1 minute, 42 seconds
4 Big Third-Party Risk Management Updates from 2019
Now that the year is coming to an end, it’s a good time to reflect on the big events that happened with third party risk management in 2019. Use the lessons and guidance learned this year to help your organization be more successful with vendor management in 2020.
12/11/2019 • 1 minute, 54 seconds
4 Best Practices to Improve Your Vendor Due Diligence Strategy
Managing vendor due diligence properly requires periodic updates to your process to ensure your organization is being as thorough and efficient as possible. Listen to this 90-second podcast to hear our expert tips for improving your vendor due diligence strategy.
12/4/2019 • 1 minute, 38 seconds
5 Best Practices of Successful Vendor Risk Assessments
One of the most crucial aspects of vendor management is performing a third party risk assessment. To help you get with this important part of the process, listen to this 90-second podcast that covers 5 best practices for conducting vendor risk assessments.
11/19/2019 • 1 minute, 47 seconds
8 Best Practices for Creating or Updating Your Vendor Management Program Documentation
Vendor management is constantly evolving and it’s important to keep your program as up to date as possible. Whether you’re creating your policy for the first time, or revisiting it, make sure you check out these 8 best practices to help get you started.
11/13/2019 • 1 minute, 33 seconds
Why Vendor Complaints Matter and What You Can Do
Customer complaints are a fact of life in the world we live in today. This is why you need to also monitor your vendor's complaints as a critical part of third party risk management. Listen to this week's 90-second podcast for more information.
11/6/2019 • 1 minute, 26 seconds
8 Benefits Of Vendor Risk Management
There are many benefits of vendor risk management. Understand why vendor risk is important and how to use these steps in your organization by listening to this 90-second podcast.
10/24/2019 • 2 minutes, 30 seconds
5 Tips For Budget Planning In Third-Party Risk Management Risk
Budget season is upon us! Prepare yourself and your organization by planning ahead now for third party risk. Listen to this 90-second podcast to hear 5 tips for budget planning for vendor risk management.
10/16/2019 • 1 minute, 30 seconds
Is Your Vendor's Cybersecurity Your Weak Link? Avoid the Horror
You need to protect your organization by reviewing your vendor’s cybersecurity posture to know if they are a weak link when it comes to protecting important data. Gain a better understanding of what specific items you need to look for in your vendor’s cybersecurity plan with this 90-second podcast.
10/9/2019 • 1 minute, 42 seconds
6 Best Practices For Managing Third-Party Cybersecurity Risk
You can respond, prevent and detect third party cybersecurity issues with proper vendor management processes in place. Listen to this 90-second podcast for 6 steps to take to manage third party cybersecurity risk.
10/2/2019 • 1 minute, 55 seconds
11 Items to Look for in Your Critical Vendor’s Business Continuity Plan
Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.
9/25/2019 • 1 minute, 41 seconds
Interview: Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, on Third-Party Risk
Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, shares his perspective on regulatory compliances and his thoughts on the OCC’s Fintech charter. He also discusses general challenges organizations are facing when it comes to third party risk management and covers best practices to overcome those hurdles.
9/11/2019 • 19 minutes, 32 seconds
10 Ways to Improve Your Third-Party Risk Management Program
Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.
9/4/2019 • 1 minute, 36 seconds
7 Steps To Take After Receiving A Vendor SOC Report
One of the most important steps in the vendor due diligence process is reviewing your vendor’s SOC report. Once you receive a SOC report from your vendor there are certain steps you can take to make the process more efficient. Listen to this week’s podcast to find out 7 steps to take once you receive a vendor SOC report.
8/21/2019 • 1 minute, 37 seconds
5 Ways to Prevent Problems in Third-Party Risk
The constant shift can lead to occasional problems in third party risk management. If you take the time to manage the process correctly and implement specific procedures it could help you avoid costly errors down the line. Listen to this week’s podcast to find out more about how to prevent third party risk problems.
8/14/2019 • 1 minute, 39 seconds
8 Steps to Prepare for a Third-Party Risk Management Examination or Audit
Prepping for an audit can be a stressful, especially if you are scrambling last minute to finish up vendor management tasks. However, you can help organize your team before you receive an exam or audit notice. In this 90 second podcast you’re going to learn 9 steps to help you prepare in advanced.
7/31/2019 • 2 minutes, 15 seconds
Interview: Jo Ann Barefoot, CEO at Barefoot Innovation Group, on Third-Party Risk
Jo Ann Barefoot, CEO at Barefoot Innovation group and Cofounder at Hummingbird Regtech, shares her thought provoking insight on how organizations are handling third party risk management in this industry interview. Using her extensive experience in the industry, Jo Ann shares best practices for dealing with regtech vendors – including tips for the vetting process and cybersecurity management.
7/17/2019 • 21 minutes, 10 seconds
3 Reasons to Keep Your Third-Party Risk Management Program Independent
Keeping your third party risk management efforts independent from other business processes is critical. In this 90-second podcast, we cover the 3 most important reasons why you need to keep third party risk workflows separate.
This Thought Leadership Interview features Michael Donnella, Corporate Compliance Officer of Murphy Oil Corporation. Michael shares his unique perspective on corporate compliance, and why having a culture of compliance in third party risk management is crucial for organizations. He also shares his thoughts on the current state of third party risk in the industry and challenges organizations face.
6/26/2019 • 32 minutes, 52 seconds
How to Determine Vendor Regulatory Risk
Regulatory risk is used to determine the vendor risk rating. Listen to this 90-second podcast to learn about how you can determine a vendor's regulatory risk.
6/12/2019 • 2 minutes, 6 seconds
5 Mid-2019 Tips to Be Proactive in Vendor Management
With 2019 well underway, we decided to put together some tips to help you stay proactive in vendor management. Listen to this 90-second podcast to get a quick refresher on third party risk best practices.
5/22/2019 • 1 minute, 28 seconds
Interview: Lori Frank, President and CEO at Argos Risk, on Third-Party Risk
This Thought Leadership Interview features Lori Frank, President and CEO of Argos Risk. During this thought-provoking interview, Lori covers current third party risk management challenges and shifts in ongoing monitoring trends that organizations are facing today. Lori also discusses in-depth best practices for third party risk and complaint management you can use to protect your organization.
5/8/2019 • 21 minutes, 47 seconds
Developing an Effective Complaint Management System
Your customers will complain at times. How your organization manages and responds to complaints has become critical. It also will help spot issues with vendors. Here are some tips to help you develop an effective complaint management system.
5/1/2019 • 2 minutes
Fourth-Party Vendor Risk Management
Fourth party risk is an important step in the vendor management process. In your contract with every one of your third party vendors you should include how you want your third party to handle communicating with you about a fourth party vendor. Here are some fourth party risk management steps you should take to better protect your organization.
4/24/2019 • 2 minutes, 31 seconds
5 Steps to Measuring Your Vendors Financial Health
Thoroughly evaluating a vendor’s performance is more than just about the numbers. It can help you discover weak financials which can indicate numerous risk factors. Here are 5 steps to measuring your vendor's financial health.
4/10/2019 • 1 minute, 19 seconds
6 Vendor Management Best Practices
Vendor contract management is the administration of written agreements with third parties that provide your organization with products or services. The process includes contract negotiation, creation, execution and analysis. In this 90 second podcast you’re going to learn what vendor contract management is and some best practices that we recommend.
4/3/2019 • 1 minute, 51 seconds
Interview: Jennie Fowler, Director of EPMO & Vendor Management Officer at ACA, on Third-Party Risk
This Thought Leadership Interview features Jennie Fowler, Vendor Management Officer with American Credit Acceptance. Throughout the interview, Jennie shares how financial institutions are doing in Third Party Risk Management and the current struggles that company’s are facing today. Jennie shares her experience and recommendations to help obtain buy in and support from the C-suite when it comes to vendor management.
3/13/2019 • 14 minutes, 40 seconds
Do I Have to Risk Rate Every Vendor?
Sometimes a vendor may not pose enough risk to an organization to make it needed to actively monitor; therefore, some organizations choose to write certain third parties out of scope. In this 90-second podcast, we will cover the steps you need to take to determine the vendors that need to be included in your vendor oversight and how to best assess risk.
3/6/2019 • 1 minute, 41 seconds
Interview: Nicole DeSantis, Associate General Counsel at Rabobank, on Third-Party Risk
This interview focuses on the unique perspective of Nicole DeSantis at Rabobank. Nicole discusses the three lines of defense model discussion and why this discipline should be implemented at your organization. She also talks about how there should be a well-developed vendor management structure at all organizations regardless of the size. And, as a GDPR expert, Nicole shares her thoughts on future GDPR implications on U.S. corporations.
2/20/2019 • 21 minutes, 38 seconds
8 Tips on Maintaining Good Vendor Relationships
Maintaining strong vendor management relationships will help lead to a successful partnership for your organization. In today’s podcast, we’ll cover 8 important tips to maintain good vendor relationships in 90 seconds.
2/13/2019 • 1 minute, 32 seconds
Your Third Parties - Potential UDAAP Risk
Since becoming one of the primary points of focus for the Consumer Financial Protection Bureau (CFPB), UDAAP has presented some concern to third party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.
2/6/2019 • 1 minute, 38 seconds
7 Reasons Why You Shouldn’t Use Spreadsheets for Vendor Risk Management
With the increase in regulations and vendor oversight requirements, managing your vendors with a spreadsheet will prove to be very inefficient. Here are 7 reasons why spreadsheets will not cut it anymore, especially in 2019.
1/31/2019 • 3 minutes, 35 seconds
4 Important Vendor Risk Management FAQs for Beginners
In today's podcast we’re going to discuss 4 important vendor risk management frequently asked questions for beginners. What vendor risk management is, why it’s important, who is involved and how vendor risk management is completed.
1/24/2019 • 4 minutes, 20 seconds
5 Quick Tips for Developing a Vendor Risk Assessment Template
Creating a vendor risk assessment template, commonly known as a VRA questionnaire can be quite the daunting task. In today’s podcast, we will cover 5 tips and recommendations to help you build a solid foundation for your vendor risk assessment template.
1/17/2019 • 2 minutes, 57 seconds
Interview: Spencer Knibbe, Co-Founder and Partner of MBK Search, on Third-Party Risk
This interview focuses on the role of vendor management in financial intuitions from a legal and regulatory perspective. Spencer Knibbe answers key questions about the specific pain points organizations are currently experiencing for third party risk management, which includes data aggregation, organizational consistency, reporting and cybersecurity.
1/16/2019 • 12 minutes, 3 seconds
How to Write a Vendor Management Policy
For vendor management, there are three unique sets of documents that you're going to want to create and update. The first document you should focus on is writing a third party risk management policy. In today's podcast, we're going to cover steps that will assist you in getting starting writing an effective risk management policy.
1/9/2019 • 2 minutes, 50 seconds
Overview Of The Pillars Of Vendor Management
There are 6 fundamental elements of a strong vendor management policy. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third party risk policy.
1/2/2019 • 3 minutes, 52 seconds
5 Best Practices of Hiring Vendor Management Staff for 2019
Are you looking to expand your vendor management team in 2019? During today’s podcast we will discuss our top 5 recommendations to keep in mind while recruiting potential vendor management team candidates.
12/26/2018 • 1 minute, 57 seconds
7 Attributes of Good Vendor Managers to Continue in 2019
Vendor risk management is a complex job. It typically takes an individual who is meticulous in detail, thorough and patient to perform the job well. In today’s podcast, we’ll touch on some key attributes we’ve found in good vendor managers that should be continued in the new year.
12/12/2018 • 2 minutes, 52 seconds
Top 7 Best Practices in Vendor Risk Management
Since we’re nearing the end of the year, it’s a good time to reflect on 2018 and some of the vendor risk management best practices we’ve found to be very helpful. Let’s cover 7 of the 2018 best practices that should continue to be performed in the new year. They range from engaging the first line of defense through continuing education.
12/5/2018 • 2 minutes, 47 seconds
Interview: Keith Koo, from Guardian Insight Group and "Silicon Valley Insider", on Third-Party Risk
This interview covers qualifications that are needed on a third party risk management team, why cybersecurity risk is something that you can never really defeat and the importance of your response plan, how you can outsource the activity but you can’t outsource the risk - third party risk management burdens will continue to only get more complex and thought provoking conundrum about the introduction of decentralized technology, like a blockchain, and still accounting for third party risk.
12/4/2018 • 14 minutes, 35 seconds
10 Reasons to Be Thankful for Vendor Management
As we wrap up 2018, it’s a good time to reflect on the year and some of the reasons we’re thankful for a well-developed vendor management program. Listen to this podcast to learn 10 reasons to be thankful for vendor management.
11/20/2018 • 2 minutes, 14 seconds
Interview: Brian Tate, President & CEO at NBPCA, on Third-Party Risk Management
Listen to this interview with Brian Tate, President and CEO at Network Branded Prepaid Card Association (NBPCA) where he covers both a legal and industry perspective on third party risk, understanding the impact of fraud in third party risk management, how properly investing in third party risk management protects you and your organization, discussion regarding increased oversight at the state level and a post Dodd-Frank Act lesson - senior management and the board must be involved.
11/14/2018 • 20 minutes, 4 seconds
Preparing for Periodic Vendor Updates to the Board
As you wrap up 2018, it’s a good idea to think about your process for reporting to the board. Whether it’s your regularly scheduled, perhaps quarterly meeting, or whether it’s your summation of all activities for an annual board report, third party risk management needs to be a part of the board’s regular activities. Listen to today’s podcast where we’re going to touch on our recommendations to best prepare for periodic vendor updates to the board.
11/14/2018 • 4 minutes, 22 seconds
Following Up on Vendor Management Exam Findings
After an examiner pays you a visit and the report and recommendations are complete, it’s important to not only review the findings and recommendations but to also take follow-up action internally. Listen to this podcast where we discuss the five best practices you should be doing as a follow up to your exam.
11/7/2018 • 2 minutes, 59 seconds
The Basics of a Vendor Business Continuity Plan (BCP) Report
BCP stands for business continuity planning. Business continuity is what you do to ensure that key operations, products and services continue to be delivered either in full OR at a predetermined, and accepted, level of availability. Today, most people would have this outlined as part of a service level agreement (or SLA). When you think of business continuity and your vendor, it covers things like what would they do in the event of a loss of personnel, if their facilities or services were down; what their planning with public entities such as emergency services is like, and communications with their own identified key vendors, their clients like you, employees and the media. Listen to this podcast where we discuss the basics of a BCP Report.
11/1/2018 • 4 minutes, 56 seconds
Vendor Management Expectations in 2019 - Are You Prepared?
Listen as we discuss seven vendor risk management expectations for 2019, what to focus on and tips for each. Topics include cybersecurity, increasing regulatory requirements, compliance concerns, the OCC fintech charter, changes in political landscape, GDPR and responding to change in general.
10/17/2018 • 3 minutes, 32 seconds
Interview: Ashley Kelley, VP of ERM at Atlanta Postal Credit Union, on Third-Party Risk Management
Listen to our exclusive interview with Ashley Kelley, VP of ERM at Atlanta Postal Credit Union, as part of our Thought Leadership Series where we talk with many of the industry's sought-after leaders to discuss third party risk management.
Listen to this interview with Ashley Kelley for discussions on:
A credit union expert's perspective on third party risk management overall
Centralizing third party risk management - why it can be a struggle but is very needed
Insight from the VP for the International Association of Financial Crimes Investigators (IAFCI) on cybersecurity expectations and concerns
10/10/2018 • 14 minutes, 46 seconds
Quick Tips for Developing Your Third-Party Policy, Program and Procedures
A well-developed policy, program and procedure documents are all crucial to the success of an organization’s third party risk management department. Listen for some quick tips to help you develop, or revamp, your third party policy, program and procedures.
10/10/2018 • 2 minutes, 44 seconds
What is the Difference Between a Vendor SOC 1 and SOC 2 Report?
SOC reports differ based on what they cover, how the auditor performs the assessment and level of detail. This way, the vendor can avoid each client performing their own audit of the vendor’s system. Listen now to learn the differences between a SOC 1 and SOC 2 report and Type 1 and Type 2.
10/3/2018 • 2 minutes, 23 seconds
11 Reasons for a Third-Party Risk Management Budget in 2019
If done right, third party risk management is a strategic advantage. It’s an expense but also the best way to defend your company when risk is posed. In this podcast, we'll go through 10 reasons to consider your third party risk management department/program when budgeting for the upcoming year.
9/19/2018 • 3 minutes, 3 seconds
Interview: Michael Morris, Systems Partner at Porter Keadle Moore, LLP on Vendor Risk
This interview covers an auditor's perspective on how organizations are addressing third party risk management, best practices for managing risk, addressing today's cybersecurity threats and risks, top areas of concern for a SOC audit report, the importance of your subservice vendors (aka your vendor's vendor or fourth party), pre-contract considerations, vendor oversight and how vendor risk management training at the board level helps.
9/12/2018 • 13 minutes, 54 seconds
Budgeting for 2019: 5 Vendor Contract Considerations
When budgeting for the upcoming year, its a best practice to consider the costs associated with negotiating key contract terms and pricing. Listen as Venminder CFO, Mike Campbell, covers 5 vendor contract considerations for your 2019 budget.
9/12/2018 • 3 minutes, 7 seconds
Vendor Risk Management and FFIEC Appendix J
Learn how FFIEC’s Appendix J relates to your vendor risk management program, four key elements of business continuity planning that you should address when contracting with a third party service provider and our recommendations to best incorporate Appendix J into your vendor risk management program.
9/5/2018 • 3 minutes, 5 seconds
5 Third-Party Risk Management Best Practices for a Fintech Provider
As a fintech provider, your third party risk management process will become well-developed and more organized by following these 5 best practices. In turn, your clients will feel much more at ease when selecting you as their preferred vendor of choice to continue doing business with. It’s a win for both parties. Listen now.
8/22/2018 • 3 minutes, 11 seconds
The Importance of Vendor Due Diligence
We know that vendor vetting and ongoing monitoring are both important stages of the vendor lifecycle and due diligence process, however, why exactly is due diligence so important for vendor risk management? Listen to learn the top 5 reasons.
8/16/2018 • 2 minutes, 40 seconds
4 Best Practices to Take Away During a Breach
We all hope to never experience a breach at our organization, but if it does happen, do you know what to do? You can minimize the chance of it happening again by using those mistakes to improve your third party risk management program. Listen to Third Party Thursday now for 4 best practices.
8/8/2018 • 2 minutes, 33 seconds
Tips To Balance Third-Party Risk Management Tasks
Balance is incredibly important, especially in this industry. Listen to this podcast to learn 6 tips to balance your Third Party Risk Management tasks.
8/1/2018 • 3 minutes
Interview: Amy Hanna Keeney, Attorney with Adams and Reese LLP, on Vendor Risk
Listen to this interview where Amy Hanna Keeney, Attorney with Adams and Reese LLP, talks about Vendor Risk.
7/31/2018 • 15 minutes, 17 seconds
How to Do a Vendor Risk Assessment
Learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices.
7/18/2018 • 4 minutes, 6 seconds
Improving The Process And Documenting a Mid-Year Third-Party Risk Management Progress Check
You've completed the 6 steps and best practices for a mid-year third party risk management progress check, so now what? Listen to our vendor risk management podcast to learn the next steps to take, how to document the findings and improving upon the process. Tune in to Third Party Thursday now.
7/11/2018 • 3 minutes, 31 seconds
Interview: Loraine DeBonis at Ubiquity Compliance Solutions on Vendor Risk
Join Venminder's interview with Loraine DeBonis at Ubiquity Compliance Solutions for key takeaways from a panelist at the NBPCA’s Power of Prepaid conference perspective, challenges banks & prepaid program managers are facing regarding the Fed’s Regulation E, improving risk management and more.
7/10/2018 • 14 minutes, 49 seconds
How to Do a Mid-Year Third-Party Risk Management Progress Check
Listen to this vendor management podcast to learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices. Tune in to Third Party Thursday now.
7/5/2018 • 3 minutes, 24 seconds
Interview: Ed DeMarco of the Risk Management Association on Vendor Risk
Join Venminder's interview with Ed DeMarco, General Counsel and Director of Operational Risk & Regulatory Relations/Communications at the Risk Management Association (RMA), for information on vendor risk management challenges & best practices, cyber, vendor oversight, regulatory compliance & more.
6/26/2018 • 20 minutes, 40 seconds
Fundamentals of Business Continuity Planning (BCP) within Vendor Management
Business Continuity Planning (BCP) is important to you and your vendors. Listen to this podcast as we talk about the fundamentals and guide you through creating or reviewing BCPs - the appropriate regulatory guidance to follow, what to plan for, what to restore first and how to recover.
6/20/2018 • 2 minutes, 9 seconds
9 Tips to Prepare for a Third-Party Risk Exam
Don’t panic about the notification of a third party risk exam - we can help you prepare for the examiner's arrival. 3-4 months in advance of the examiners’ arrival, you should prepare or fine-tune the 9 following documentation items. Listen to this vendor risk management podcast to learn more.
6/13/2018 • 4 minutes
Interview: Jim Hussey, Founder of IT-TPRM.com, on Third-Party Risk Management
Join Venminder's interview with Jim Hussey, Founder of IT-TPRM.com, for a discussion on vendor risk management challenges, why you should place heavier focus on technology or fintech risk, how to engage the first line of defense, advice on meeting OCC lifecycle expectations, best practices and more.
6/12/2018 • 14 minutes, 10 seconds
Understanding Your Vendor's SOC Report - The Basics
What is a SOC report? A SOC report is an independent audit report performed by a public accounting firm and attests to the existence and effectiveness of the controls put in place to safeguard your data. Listen to this podcast as we break down 6 of the most important parts of your vendor's SOC report.
6/6/2018 • 4 minutes, 4 seconds
7 First Line of Defense Best Practices for Vendor Risk Management
Listen to this week's Third Party Thursday Podcast to learn about the lines of defense, specifically the first line, as it relates to vendor risk management.
5/23/2018 • 4 minutes, 44 seconds
Interview: Andrew Lorentz, Partner at Davis Wright Tremaine LLP, on Third-Party Risk Management
Listen to this interview with Andrew Lorentz, Partner at Davis Wright Tremaine LLP to hear his perspective on Third Party Risk Management.
5/22/2018 • 18 minutes, 53 seconds
Fourth Party Vendor Monitoring
Fourth party risk and liability is often overlooked because there isn't direct relationship with the fourth party vendor. It’s important to always know your vendor and this waterfalls down to fourth and third parties. Listen now for the 3 oversight steps to take regarding your fourth party vendors.
5/16/2018 • 3 minutes, 31 seconds
The 3 Vendor Risk Management Frameworks
There are three vendor management models that we typically see: centralized, decentralized and a hybrid approach. These allow the vendor risk manager to set standards while allowing for communication through the relationship manager and on to the vendor. Listen to this Third Party Thursday where we'll cover the differences between the three and determine which is best for you.
5/9/2018 • 4 minutes, 30 seconds
Criticality and Vendor Oversight
When determining your level of oversight on a vendor, you’ll clearly want to determine their criticality and risk level first. This is an essential and ongoing process for mitigating vendor risk. Listen to this podcast to help guide you through the process.
5/2/2018 • 6 minutes, 16 seconds
Interview: Glen Trudel, Partner at Ballard Spahr on Third-Party Risk Management
This interview covers biggest third party risk struggles financial institutions are facing, how to handle ongoing vendor risk management, addressing cybersecurity, board demonstrating their involvement, industry expectations and more.
4/24/2018 • 19 minutes, 37 seconds
Non-Elective Vendor Oversight Responsibility
While the General Data Protection Regulation, aka GDPR, is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25, 2018. Listen to Third Party Thursday to learn what you need to know about GDPR and third party risk in order to be prepared and stay in compliance.
4/18/2018 • 4 minutes, 45 seconds
How to Fit Third-Party Risk Management into your ERM Program
Often times, people get confused between Enterprise Risk Management (ERM) and Third Party Risk Management (TPRM). In the past, we've covered the technical differences between ERM and third party risk management. Today, Third Party Thursday covers steps and tips on how to properly integrate Third Party Risk Management in your Enterprise Risk Management Program.
4/11/2018 • 2 minutes, 31 seconds
Interview: James Russell, CPA at Russell Bank Consulting on Third-Party Risk Management
Listen to this interview to hear James Russell, CPA at Russell Bank Consulting as he provide insight into third party risk management from his perspective as an auditor.
You will discussions on:
* Third party management changes over the last decade
* Common third party risk management issues during examination
* A real life example of a third party risk management relationship that went downhill
4/5/2018 • 19 minutes, 52 seconds
How GDPR Impacts Third-Party Risk Management
While the General Data Protection Regulation, aka, GDPR is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25th, 2018. Listen to this Third Party Thursday podcast to learn what you need to know about GDPR in order to be prepared and stay in compliance.
3/28/2018 • 3 minutes, 42 seconds
ERM vs. TPRM
Join us for today's Third Party Thursday podcast. It covers the difference between ERM and TPRM, and why you should be paying extra attention to third party risk management inside of your enterprise risk management.
3/21/2018 • 1 minute, 37 seconds
How Much Staffing is Needed to do Third-Party Risk Management?
Branan Cooper, Venminder's Chief Risk Officer will walk you through several factors to consider when determining how much staff is needed to do third party risk management well.
3/14/2018 • 2 minutes, 44 seconds
Five Common Pitfalls in Vendor Contracts
Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper will focus on the contracts themselves and some common pitfalls as well as a few ideas of how to avoid them.
3/7/2018 • 2 minutes, 24 seconds
Interview: Elizabeth Khalil, Partner at Dykema Gossett on Third-Party Risk Management
Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper interviews Elizabeth Khalil, Partner at Dykema Gossett PLLC on her thoughts on Third Party Risk Management.
3/6/2018 • 22 minutes, 19 seconds
Interview: Marilyn Bochicchio, Founder of Hidden Brain, on Third-Party Risk Management
Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper chats with Marilyn Bochicchio, Founder of Hidden Brain on her thoughts on third party risk management.
3/6/2018 • 16 minutes, 16 seconds
Creating Awareness of Third-Party Risk Management within Your Organization
Join us to learn tips on how you can help foster a third party risk management mindset within your team and organization.
2/28/2018 • 2 minutes, 29 seconds
9 Key Components of a Successful Third-Party Risk Management Plan
Listen to this week's podcast as it covers 9 key components to implement into your own third party risk management program.
2/14/2018 • 3 minutes, 17 seconds
Consumer Complaints and Vendor Management
Consumer complaints are an expense of being in business, but also a chance to respond and turn it around to a more positive interaction and fix vendor management issues. Learn how in Third Party Thursday.
2/7/2018 • 2 minutes, 32 seconds
Third-Party Risk Management Regulatory Compliance During Regulatory Change
Daily vendor management regulatory compliance efforts you can implement in order to keep up with third party risk regulatory reform.
1/31/2018 • 1 minute, 46 seconds
Interview: David Stevens, President & CEO of MBA, on Third-Party Risk Management
This interview covers cost benefit analysis of compliance, regulations that effected and are currently effecting the lending industry, outsourcing risk management functions, third party risk strategy, advice from the MBA perspective on consumer data breaches, data security, cybersecurity, lessons learned from the housing crisis and the CFPB relation to regulatory compliance.
1/31/2018 • 25 minutes, 43 seconds
Interview: Shane Martin, EVP of InHouseUSA, on Third-Party Risk Management
Listen as we take a deep dive into the application of third party risk in the world of appraisal management. Two experienced mortgage professionals talk about how to stay in compliance, how outsourced vendor management solutions help, best practices for selecting and managing appraisers, what types of due diligence you need to do for Appraisal Management Companies (AMCs), Dodd Frank, regulatory compliance challenges and differences between internal appraisal management and outsourcing to an AMC solution provider.
1/30/2018 • 18 minutes, 57 seconds
Interview: Suresh Ramakrishnan, SVP of Ascendum Solutions, on Third-Party Risk Management
Learn all about outsourcing third party risk functions in this in-depth podcast. Two seasoned mortgage lending industry experts provide an inside look into the benefits and risks associated with offshoring and outsourcing solutions and services, the difference in attitudes between early adopters of outsourcing to provide strategic advantages, the hurdles late adopters have regarding data security and a mindset of a loss of control, best practices and how outsourcing (if managed correctly) can provide greater efficiencies, reduce your workload and help with cost management.
1/30/2018 • 15 minutes, 45 seconds
UDAAP and What It Means to Your Third-Party Risk Management Program
What you need to know about Unfair Deceptive or Abusive Acts and Practices) and how they effect your third party risk management program.
1/17/2018 • 2 minutes, 46 seconds
Due Diligence on Your Fintech Vendors
How to determine which due diligence questions to ask and what standard should firmly be expected of your Fintech vendors.
1/10/2018 • 2 minutes, 39 seconds
Third-Party Risk Management Year End 2017
Listen as we wrap up the 2017 Third Party Thursday Series with one final podcast for the year and we want to thank you!
12/27/2017 • 48 seconds
Why It's Important to Stay Abreast of New Vendor Management Regulatory Guidance
If you don't stay up to date on new regulations, you'll find yourself out of compliance and perhaps out of business. Listen to our podcast for several reason why you need to stay up-to-date on vendor management regulatory guidance.
12/20/2017 • 2 minutes, 6 seconds
Vendor Classification
Learn about 'bucketing' your vendors and how this classification system can help you with third party oversight and ongoing monitoring.
12/13/2017 • 2 minutes, 13 seconds
Developing an Effective Complaint Management System for Vendor Management
A well run compliant management system can take an upset customer and turn them into your best customer. Listen to learn what to include in your compliant policy and compliant management system.
12/6/2017 • 2 minutes, 32 seconds
What Should Be in Your Third-Party Risk Examination Preparation Handbook
It covers what should be in your examination preparation handbook - from the best strategy to tips on how to stay ready, we've got you covered!
11/30/2017 • 3 minutes, 40 seconds
How to Properly Identify Your Critical Vendors
Learn how to properly identify your critical third party vendors.
11/22/2017 • 1 minute, 46 seconds
Learning the Fundamentals of Third-Party Risk Management
Learn the key takeaways from important third party risk regulatory guidance released by the OCC, FDIC, and FFIEC.
11/15/2017 • 1 minute, 25 seconds
Third-Party Risk Management Education Best Practices
Maybe you're brand new to third party risk management, or maybe you've been doing it since the time it was known as generally a quality assurance function and nothing else. Either way, listen to learn how keeping abreast of best practices and staying informed on the regulatory environment are great ideas for everyone involved.
11/8/2017 • 1 minute, 43 seconds
Prevention of Problems in Third-Party Risk
Learn how being proactive can ultimately prevent problems in third party risk management. Our expert gives three examples of how you can be proactive.
11/1/2017 • 1 minute, 53 seconds
Learning From Enforcement Actions
What do you do when you find out one of your third parties is named in an enforcement action, even if unrelated to your institution? Listen to this podcast for six tips from a third party risk expert.
10/25/2017 • 2 minutes, 11 seconds
Creating a Culture of Compliance for Vendor Management
It covers creating a culture of compliance to have successful vendor management. We'll discuss what that means and how to get it.
10/19/2017 • 1 minute, 30 seconds
Do I Have to Risk Rate Every Vendor?
We'll cover why it's necessary to risk rate EVERY vendor when conducting your vendor risk assessments. And, we'll give a couple quick tips in doing so.
10/12/2017 • 1 minute, 37 seconds
Vendor Management Board Reporting
Learn which third party activities your board should be involved in according to regulators, and what information is essential in a board report.
9/28/2017 • 1 minute, 30 seconds
UDAAP - Unfair, Deceptive or Abusive Acts or Practices
Learn from our Chief Risk Officer about Unfair, Deceptive, Abusive Acts and Practices, the role of the CFPB and enforcement actions in the world of third party risk.
9/14/2017 • 2 minutes, 33 seconds
Brand Names and Vendor Due Diligence
Brand Names and Vendor Due Diligence by Third-Party Risk Education
8/31/2017 • 1 minute, 33 seconds
Guidance on OCC Bulletins 2017-7 and 2017-21
Listen to this podcast to learn key takeaways from two OCC bulletins issued this year on third party risk management, OCC Bulletins 2017-7 and 2017-21.
8/3/2017 • 1 minute, 55 seconds
The Basic Concepts of Third-Party Risk Management Framework
Learn the basics of the third party risk management framework including how it relates to enterprise risk management (ERM).
7/27/2017 • 1 minute, 26 seconds
Best Practices of Vendor Contract Management
Listen to this podcast to learn about vendor contract management from our experts, the importance of contracts to your institution and what steps you should take to protect your institution.
7/20/2017 • 2 minutes, 11 seconds
FFIEC Appendix J and E
FFIEC Appendix J and E by Third-Party Risk Education
7/13/2017 • 2 minutes, 42 seconds
7 Vendor Risk Attributes to Consider
Learn the 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.
7/13/2017 • 2 minutes, 39 seconds
Analyzing SOC Controls
Analyzing SOC Controls by Third-Party Risk Education
6/30/2017 • 5 minutes, 10 seconds
CIA Triad Within Vendor Management
CIA Triad Within Vendor Management by Third-Party Risk Education
6/30/2017 • 2 minutes, 35 seconds
How, When & Why To Use a Vendor Information Security Questionnaire
How, When & Why To Use a Vendor Information Security Questionnaire by Third-Party Risk Education
6/30/2017 • 2 minutes, 47 seconds
What Is SSAE 18?
What Is SSAE 18? by Third-Party Risk Education
6/30/2017 • 4 minutes, 27 seconds
Understanding Vendor SOC Scope, Time And Narrative
Understanding Vendor SOC Scope, Time And Narrative by Third-Party Risk Education
6/30/2017 • 3 minutes, 22 seconds
5 Types Of Vendor SOC Reports
5 Types Of Vendor SOC Reports by Third-Party Risk Education
6/30/2017 • 4 minutes, 2 seconds
FFIEC's Cybersecurity Assessment Tool
FFIEC's Cybersecurity Assessment Tool by Third-Party Risk Education
6/30/2017 • 3 minutes, 1 second
3 Key Points To Review In Service Organization Controls (SOC) Reports
3 Key Points To Review In Service Organization Controls (SOC) Reports by Third-Party Risk Education
6/30/2017 • 4 minutes, 15 seconds
Security & Confidentiality Provisions Which Should Be Addressed In All Third-Party Agreements
Security & Confidentiality Provisions Which Should Be Addressed In All Third-Party Agreements by Third-Party Risk Education
6/30/2017 • 4 minutes, 38 seconds
Mitigating Vendor Contract Management Risk
Mitigating Vendor Contract Management Risk by Third-Party Risk Education
6/30/2017 • 3 minutes, 2 seconds
5 Key Provisions To Look For In Your Critical Vendor Contracts
5 Key Provisions To Look For In Your Critical Vendor Contracts by Third-Party Risk Education
6/30/2017 • 4 minutes, 11 seconds
Consequences of a Vendor's Poor Financial Performance
Consequences of a Vendor's Poor Financial Performance by Third-Party Risk Education
6/30/2017 • 4 minutes, 9 seconds
What to do When a Vendor Refuses to Provide Financial Statements
What to do When a Vendor Refuses to Provide Financial Statements by Third-Party Risk Education
6/30/2017 • 2 minutes, 33 seconds
What's In The News Matters
What's In The News Matters by Third-Party Risk Education
6/30/2017 • 3 minutes, 41 seconds
Your Vendors and Cloud Computing
Your Vendors and Cloud Computing by Third-Party Risk Education
6/30/2017 • 3 minutes, 26 seconds
What Can You Do Now To Prepare For 2017
What Can You Do Now To Prepare For 2017 by Third-Party Risk Education
6/30/2017 • 3 minutes, 4 seconds
Best Practices In Vendor Management
Best Practices In Vendor Management by Third-Party Risk Education
6/30/2017 • 3 minutes, 19 seconds
Defining Critical Vs Non Critical Vendors
Defining Critical Vs Non Critical Vendors by Third-Party Risk Education
6/30/2017 • 1 minute, 52 seconds
Critical Vendors - What To Review
Critical Vendors - What To Review by Third-Party Risk Education
6/30/2017 • 3 minutes, 35 seconds
10 Common Vendor Management Errors
10 Common Vendor Management Errors by Third-Party Risk Education
6/30/2017 • 3 minutes, 16 seconds
10 Steps To Creating Your Vendor List
10 Steps To Creating Your Vendor List by Third-Party Risk Education
6/30/2017 • 3 minutes, 19 seconds
Third-Party Due Diligence
Third-Party Due Diligence by Third-Party Risk Education
6/30/2017 • 4 minutes, 4 seconds
Keeping Your Vendor List and Process Current
Keeping Your Vendor List and Process Current by Third-Party Risk Education
6/30/2017 • 2 minutes, 47 seconds
Enterprise Risk Management Vs Vendor Management
Enterprise Risk Management Vs Vendor Management by Third-Party Risk Education
6/30/2017 • 2 minutes, 22 seconds
Vendor Mangement Risk Assessments
Vendor Mangement Risk Assessments by Third-Party Risk Education
6/29/2017 • 1 minute, 4 seconds
Fundamental Third-Party Risk Management Best Practices
Fundamental Third-Party Risk Management Best Practices by Third-Party Risk Education
6/29/2017 • 4 minutes, 37 seconds
The Lifecycle Approach To Third-Party Risk Management
The Lifecycle Approach To Third-Party Risk Management by Third-Party Risk Education
6/29/2017 • 2 minutes, 45 seconds
Why There Is So Much Focus On Third-Party Risk
Why There Is So Much Focus On Third-Party Risk by Third-Party Risk Education
6/29/2017 • 2 minutes
How to Write a Third-Party Program
How to Write a Third-Party Program by Third-Party Risk Education
6/29/2017 • 2 minutes, 31 seconds
How to Write a Third-Party Policy
How to Write a Third-Party Policy by Third-Party Risk Education
6/29/2017 • 1 minute, 47 seconds
Importance Of Complementary User Entity Controls
Importance Of Complementary User Entity Controls by Third-Party Risk Education
6/29/2017 • 2 minutes, 59 seconds
Vendor Business Continuity And Disaster Recovery Plans
Vendor Business Continuity And Disaster Recovery Plans by Third-Party Risk Education
6/29/2017 • 3 minutes, 43 seconds
Fourth Parties
Fourth Parties by Third-Party Risk Education
6/29/2017 • 1 minute, 24 seconds
3 Lines Of Vendor Management Defense
3 Lines Of Vendor Management Defense by Third-Party Risk Education
6/29/2017 • 1 minute, 30 seconds
Evolution Of Third-Party Risk
Evolution Of Third-Party Risk by Third-Party Risk Education
6/29/2017 • 2 minutes, 2 seconds
Defining The Scope Of Your Third Party Risk Management Program
Defining The Scope Of Your Third Party Risk Management Program by Third-Party Risk Education
6/29/2017 • 1 minute, 47 seconds
7 Steps of Vendor Vetting
7 Steps of Vendor Vetting by Third-Party Risk Education