Winamp Logo
Third-Party Risk Education Cover
Third-Party Risk Education Profile

Third-Party Risk Education

English, Technology, 1 season, 242 episodes, 20 hours, 46 minutes
About
Venminder has a team of due diligence experts who can significantly reduce your vendor management workload. Venminder also has a software solution to organize, track and report findings to Senior Management, the Board of Directors and, ultimately, the examining bodies.
Episode Artwork

Common Third-Party Risk Management Findings in Exams and Next Steps

If your organization is in a regulated industry, you should anticipate regular examinations. It's good to review your regulators website to become familiar with their exam process, classification of issues, etc. In this podcast, learn common exam findings and next steps.
8/21/20245 minutes, 19 seconds
Episode Artwork

How Vendor Risk Management Software Streamlines Your Program

Anyone who is involved in vendor risk management knows the intricacies of the various tasks.  In this podcast, learn tips and common ways you can utilize vendor risk management software to streamline your processes.
7/18/20245 minutes, 12 seconds
Episode Artwork

Interview: Barb Lowman, CUNA Strategic Services and Idrees Rafiq Jr, Cornerstone Resources

In this interview, Venminder's Hilary Jewhurst is joined by Barb Lowman, President at CUNA Strategic Services and Idrees Rafiq Jr, Information Security & Risk Management Consulting, Vice President at Cornerstone Resources to discuss the effects that fintech organizations have on credit unions.
7/11/202434 minutes, 11 seconds
Episode Artwork

How to Build a Fourth-Party Vendor Inventory

Building a fourth-party vendor inventory can be challenging, but it's crucial to protect your organization from an extensive risk landscape. This podcast explains how to build a fourth-party vendor inventory and tips to keep in mind.
4/10/20245 minutes, 5 seconds
Episode Artwork

Risk-Based Due Diligence in Third-Party Risk Management

Although a vendor's risk can change over time, risk-based due diligence is a a good strategy that provides consistent results. In this podcast, learn three ways risk-based vendor due diligence can improve your efficiency.
3/20/20244 minutes, 1 second
Episode Artwork

Interview: Rachael Ormiston, Head of Privacy at Osano

In this thought leadership interview, learn how to implement vendor privacy scores into your third-party risk management practices with Venminder's Hilary Jewhurst and Osano's Rachel Ormiston
3/19/202417 minutes, 36 seconds
Episode Artwork

Why Third-Party Risk Management Matters in a Struggling Economic Climate

The economy has faced many challenges the past few years, from the pandemic, supply chain issues, ongoing global wars, and others. These events present many challenges for organizations and their looking to cut costs. As a result third-party risk management teams are on the chopping block.
1/24/20246 minutes, 21 seconds
Episode Artwork

Interview: Andrew Moyad, CEO of Shared Assessments

In this interview, Andrew discusses how cyber insurance is important for your third-party risk management program, what it generally covers, what it doesn't cover, and more.
1/17/202452 minutes, 37 seconds
Episode Artwork

Third-Party Risk Management Recommendations for 2024

In this informative podcast, learn 4 key recommendations to implement in your third-party risk management programs to mitigate and manage vendor risk this upcoming year.
12/27/20235 minutes, 13 seconds
Episode Artwork

Third-Party Risk Management Takeaways From 2023

In this podcast, we'll reflect back on what's been happening in the world of third-party risk this year. We've included five takeaways, from AI to the fall of Silicon Valley Bank. Listen now!
11/29/20235 minutes, 30 seconds
Episode Artwork

Interview: Tom Rogers, Founder and CEO at Vendor Centric

Throughout this interview, Tom Rogers defines the characteristics that make up a fourth-party vendor and uncovers the steps to manage them. Listen to this interview to learn about fourth party due diligence, regulations, and best practices.
11/16/202316 minutes, 20 seconds
Episode Artwork

Drafting Cybersecurity Requirements Into the Vendor Contract

Learn best practices that should be included in your third-party risk management program to ensure you keep your organization protected from data breaches and other cybersecurity incidents.
10/18/20234 minutes, 44 seconds
Episode Artwork

Manage Large Vendors Successfully in Your Third-Party Risk Management Program

Partnering with a large well-known vendor can prove to be beneficial. However, in some instances larger vendors can be more difficult to effectively manage. Learn the essential tips and best practices to mitigate vendor risk with your large vendors.
9/28/20235 minutes, 45 seconds
Episode Artwork

Interview: Mike Morris, Principal at Wipfli

Throughout this interview, Mike Morris Highlights the SEC Proposed Outsourcing Rule and it's impact on vendor risk management. Listen to learn answers to common questions, tips and suggestions, as well as a general overview of the SEC Proposed Outsourcing Rule.
9/22/202325 minutes, 47 seconds
Episode Artwork

Board Oversight in Third-Party Risk Management and Regulatory Exams

Regulatory examiners have distinct expectations when it comes to the boards involvement in third-party risk management. Listen to learn the board's place in regulatory exams, and how you can lend a helping hand.
8/23/20235 minutes, 3 seconds
Episode Artwork

Leverage Resources for Increased Third-Party Risk Management Value

Although your organization may have limited resources for your third-party risk management program, you don't have to fall behind. Even smaller teams can manage the complex and interrelated processes involved in TPRM by using software.
7/19/20235 minutes, 25 seconds
Episode Artwork

Tips to Improve Collaboration With Vendor Owners

Collaboration with vendor owners involves a lot of day-to-day activities, spanning across the three stages of the third-party risk management lifecycle. This podcast outlines useful tips that can improve collaboration between your third-party risk management team and your vendor owner.
6/28/20233 minutes, 51 seconds
Episode Artwork

Identifying and Documenting Third-Party Risk Management Issues

No matter the vendor, there may be issues that arise at any point in the vendor relationship. In this podcast, learn examples of third-party risk management issues you may encounter.
5/17/20234 minutes, 14 seconds
Episode Artwork

Mitigate Supply Chain Risk With Third-Party Risk Management Best Practices

Effective third-party risk management can help your organization mitigate supply chain risk. Natural disasters and cyberattacks are just two examples of business disrupting events. This podcast outlines four examples of TPRM can help you mitigate supply chain risk.
4/18/20233 minutes, 44 seconds
Episode Artwork

Vendor Financial Importance in Today's Business Climate

In today's business climate vendor financial health monitoring is important. There are several factors to consider when reviewing vendor financial health including, inflation, political instability, and more.
3/22/20235 minutes, 49 seconds
Episode Artwork

6 State Of Third-Party Risk Management Highlights For 2023

After conducting our State of Third-Party Risk Management Survey in November of last year, we've analyzed the results and found six highlights that you should pay close attention to this upcoming year.
2/22/20236 minutes, 34 seconds
Episode Artwork

The Value of On-Site Vendor Visits

Even in today's increasingly remote working environment, you need to perform on-site vendor visits. In this podcast, we'll highlight 6 reasons on-site vendor visits are a valuable part of your due diligence practice.
1/18/20236 minutes, 13 seconds
Episode Artwork

6 Third-Party Risk Management Best Practices for 2023

For many, 2022 was a challenging year. From supply chain disruptions to regulatory updates, and the threat of malicious actors. In this podcast, learn six TPRM best practices to bring into 2023.
12/14/20224 minutes, 45 seconds
Episode Artwork

5 Advantages of Outsourcing Third-Party Risk Management Tasks

TPRM involves many activities that can take up a lot of your team's times and resources. In this podcast, learn 5 advantages of outsourcing your third-party risk management tasks.
11/15/20224 minutes, 10 seconds
Episode Artwork

How to Safeguard Your Organization From Third-Party Cyber Risk

Protecting your customers' sensitive information is important. It's important to understand the weaknesses and risks associated with your vendors.  In this podcast, learn how to safeguard your organization from third-party cyber risk.
10/12/20222 minutes, 19 seconds
Episode Artwork

4 Best Practices for Critical Vendor Contract Management

When dealing with your critical vendors, it's necessary to ensure that all parties know what is expected of them and what the dealbreakers are in the relationship. Learn 4 best practices of critical vendor contract management in this podcast.
9/7/20222 minutes, 27 seconds
Episode Artwork

How to Create a Vendor Risk Management Program for a Health Organization

Keeping the patient proactive care model in mind when considering third-party risk management is important. This podcast highlights 4 steps to take in creating a TPRM program for a health organization.
8/10/20221 minute, 36 seconds
Episode Artwork

How to Prepare Your Vendors for ESG Disclosures

Although there is still limited legislation on mandatory ESG disclosures, regulators are continuing to address issues like climate change and modern slavery. This podcast highlights three ways you can help your vendor prepare for ESG disclosures.
7/20/20222 minutes, 23 seconds
Episode Artwork

4 Exit Strategies for Offboarding a Vendor

Having an exit strategy in case your vendor relationship must come to an end is crucial. When faced with offboarding a vendor, you'll want to avoid any surprises. Learn 4 exit strategies in this informational podcast.
6/8/20221 minute, 44 seconds
Episode Artwork

3 Frequent Mistakes Regarding Vendor Financials

Vendor financial health includes many factors that your organization should be cognizant of and reviewing accordingly. This podcast highlights three mistakes to avoid and ensure there is comparability and consistency across your vendor financial reviews.
5/18/20221 minute, 55 seconds
Episode Artwork

The Stages in the Third-Party Risk Management Lifecycle

There is a beginning and end to every third-party relationship. In this informative podcast, you’re going to learn the stages of the third-party risk management lifecycle and a little about each one.
4/26/20222 minutes, 5 seconds
Episode Artwork

How to Mitigate Vendor Risk

Mitigating vendor risk is an important component of your third-party risk management program to ensure that your overall business operations can continue on. This podcast highlights what you need to do to mitigate vendor risk.
3/16/20222 minutes, 13 seconds
Episode Artwork

Top 4 Third-Party Risk Management Trends

Venminder's State of Third-Party Risk Management survey highlighted the top 4 trends for TPRM in 2022. Listen to this podcast to learn what they are.
2/16/20222 minutes, 13 seconds
Episode Artwork

3 Vendor Management Best Practices for 2022

2022 is sure to be full of uncertainties and challenges for vendor management. Listen to this podcast that highlights 3 best practices to follow this year.
1/12/20221 minute, 48 seconds
Episode Artwork

3 Third-Party Risk Management Lessons Learned in 2021

This podcast highlights three main third-party risk management lessons in 2021. Listen on to learn how your organization can use these lessons to prepare for 2022.
12/8/20212 minutes, 16 seconds
Episode Artwork

4 Tips for Building a Third-Party Risk Management Program

Tune in to our latest podcast to learn four tips to build a successful third-party risk management program. What to include, who's involved and more.
11/10/20211 minute, 44 seconds
Episode Artwork

What to Review in a Third-Party Incident Response Plan

In this podcast you will learn the four things to review in a third-party incident response plan and understand how your vendor will respond to an incident when it happens.
10/13/20212 minutes, 6 seconds
Episode Artwork

Interview: Michael Kossman, Chief Operating Officer and Chief Compliance Officer at Aspiriant

Throughout this interview Michael highlights the importance of third-party risk management, the challenges his firm faced when implementing a TPRM program and best practices for board and senior leadership involvement in third-party risk management.
10/6/202127 minutes, 10 seconds
Episode Artwork

What Is a Vendor Confidentiality Agreement?

Listen to this podcast to get an understanding of what a vendor confidentiality agreement is and why it's important in third-party risk management strategy
9/15/20211 minute, 36 seconds
Episode Artwork

How to Get From Inherent Vendor Risk to Residual Risk

Tune in to this podcast where we explain how to get from inherent vendor risk to residual risk. Learn how to calculate these risks with a quick example.
8/11/20212 minutes, 7 seconds
Episode Artwork

Various Types of Vendor Business Continuity and Disaster Recovery Testing

Listen in on this podcast that describes the various types of vendor business continuity and disaster recover testing. Learn the common tests that take place and what you should look for in your results.
7/14/20212 minutes, 14 seconds
Episode Artwork

3 Best Practices for Overseeing International Vendors

Listen to this 90 second podcast to learn the best practices for overseeing international vendors. Ensure you are doing your due diligence when vetting, understanding their financial documentation and obtaining references.
6/8/20211 minute, 50 seconds
Episode Artwork

What Is Vendor Compliance Risk?

Listen to this podcast to understand the basics of vendor compliance risk, understand the faults of these risks and how to protect your organization.
5/11/20211 minute, 57 seconds
Episode Artwork

What Is Third-Party Risk Management?

Understanding third-party risk management can be complex, but it doesn't have to be. Listen to this podcast to understand what third-party risk management is and how it is a valuable asset to your organization.
4/21/20212 minutes
Episode Artwork

5 Acceptable Financial Documents if a Vendor Is Privately Held

Learn about acceptable documents to request from your privately held vendors, how to assess their risk, and understand their financial state.
4/14/20212 minutes, 12 seconds
Episode Artwork

Who Is Involved in Third-Party Risk Management?

Understanding the key roles involved in third-party risk management is important to you and your organization. Learn their responsibilities and how they fit into your third-party risk management program.
4/6/20212 minutes, 30 seconds
Episode Artwork

3 Tips to Avoid a Vendor Fooling You

There are vendor management best practices you should be aware of to help avoid being deceived by a vendor. Listen to this podcast to quickly learn three tips to help you with the process.
3/31/20211 minute, 29 seconds
Episode Artwork

4 Tips To Dust Off An Outdated Vendor Management Process

Spring is around the corner and it’s the perfect time to dust off your vendor management program and clean up your processes. This podcast covers some tips that you need to know when improving your approach to third-party risk management
3/10/20211 minute, 44 seconds
Episode Artwork

Vendor Due Diligence Fast Facts To Know

Due diligence is a critical step in the vendor lifecycle, and when done properly, can set your organization up for success. Find out how to get started with the process by listening to this week’s podcast that covers fast facts you need to know.
3/3/20211 minute, 13 seconds
Episode Artwork

5 Tips for Offboarding Vendors

No one wants to go into a vendor relationship planning for it’s demise – but it happens! If you have a vendor that is no longer meeting your organization’s needs, make sure you listen to this week’s 90-second podcast to hear about how you can successfully offboard one of your vendors.
2/17/20211 minute, 49 seconds
Episode Artwork

The Differences Between a Vendor Questionnaire and Assessment

It’s a common misconception that a vendor questionnaire and vendor assessment are the same thing – but they actually have key differences that it’s important you understand. Listen to this podcast to hear more about the differences between questionnaires and assessments and why your organization needs both.
2/10/20211 minute, 29 seconds
Episode Artwork

What Is Ongoing Vendor Due Diligence?

Ongoing vendor due diligence, or ongoing monitoring is one of the most important steps in the vendor lifecycle. Find out what you need to know about the process and the key points of ongoing vendor due diligence that you should be aware of in this 90-second podcast.
2/3/20211 minute, 56 seconds
Episode Artwork

How to Create Third-Party Risk Management Procedures

Creating and keeping your procedures documentation updated is a key step to achieving vendor management success. Listen to this week's 90-second podcast to help you accomplish this with five creation tips.
1/20/20211 minute, 33 seconds
Episode Artwork

7 Unique Vetting Elements for Core Processing Vendors

Are you selecting a core processing vendor? There are some things that you need to make sure you're considering. Listen to this 90-second podcast to learn about the factors you need to keep top of mind.
1/13/20212 minutes, 4 seconds
Episode Artwork

Why Vendor Management Is Important

New to third-party risk management? Get back to the basics with a breakdown of what vendor management is and some important tips to help get you started with this 90-second podcast.
1/6/20211 minute, 46 seconds
Episode Artwork

4 Main Third-Party Risk Management Updates from 2020

2020 was certainly an interesting year and had major industry updates because of the pandemic. Find out what important lessons you need to be aware of going into the new year so you can be more successful in vendor management.
12/16/20201 minute, 40 seconds
Episode Artwork

5 Vendor Risk Management Tasks to Do Before the End of the Year

The end of the year is upon us and there are certain vendor management tasks that must be completed. This 90-second podcast covers a few of the items that you should tackle before the end of the year to be better prepared for 2021.
12/3/20201 minute, 55 seconds
Episode Artwork

4 Tips for Gathering Useful Vendor Management Resources

In the spirit of Thanksgiving, we want to help you figure out the best way to gather vendor management resources. Listen to this 90-second podcast that covers some of our useful tips to help you stay on top of new third-party risk management news and resources.
11/18/20201 minute, 35 seconds
Episode Artwork

Raking in Vendor Risk Management ROI

Vendor risk management is a necessary investment and it can have a significant ROI for your organization. Listen to this week’s podcast for the top three benefits and ROI you can achieve by investing in third-party risk management.
11/4/20201 minute, 52 seconds
Episode Artwork

Scary Consequences of an Incomplete Vendor SOC Assessment

You need to be thoroughly analyzing your vendor’s SOC reports to ensure there is no missing or overlooked information that could negatively impact your organization. Find out what the three scariest consequences that can occur if you have a missing item on your vendor SOC report by listening to this week’s podcast.
10/21/20202 minutes, 4 seconds
Episode Artwork

5 Vendor Data Breach Precautions

If one of your vendors falls victim to a data breach, it can have a range of serious consequences for you organization. You can take proactive steps that will help you better protect your customers and reputation from a third-party data breach. Listen to this 90-second podcast for our top five tips.
10/14/20201 minute, 48 seconds
Episode Artwork

3 Vendor Information Security Best Practices

Having a strong information security policy is more important than ever with rising cybersecurity risks. Listen to this week’s 90-secnod podcast to understand why you need to evaluate your vendor’s information security procedures and three best practices we recommend for the process.
9/30/20202 minutes, 1 second
Episode Artwork

4 Fintech Vendor Management Tips to Meet Regulater and Client Expectations Podcast

In this week’s 90-second podcast, learn the top four expert tips that will help to help fintech organizations more successfully meet their client and regulator expectations.
9/23/20201 minute, 48 seconds
Episode Artwork

How to Maximize Your Third-Party Risk Management Budget

You can take specific steps that will help you maximize even the smallest budget for vendor management. Listen to this week’s podcast for the top three tips we recommend to help you make the most of your organization’s budget.
9/9/20201 minute, 43 seconds
Episode Artwork

Vendor Oversight Strength Depends on the Contract

If you have well-developed vendor contracts, then you are setting your organization up for success when it comes to vendor oversight. Find out the top three reasons why your vendor contracts directly affect your level of oversight.
9/2/20201 minute, 58 seconds
Episode Artwork

Interview: Chris Caputo, External Audit Coordinator at CMG Financial

Chris Caputo, External Audit Coordinator at CMG Financial, shares his thoughts on commonly seen vendor management struggles and how to overcome them. He also dives into the recent industry changes due to the pandemic, what to expect from a regulatory compliance perspective and discusses vendor risk management best practices from an auditor’s perspective.
8/19/202030 minutes, 7 seconds
Episode Artwork

Top 10 Vendor Contract Negotiation Tips

To be successful in vendor contract management you have to be effective in your negotiation efforts. To help you better manage this stage in the vendor contract process, listen to this week’s 90-second podcast for the top tips our experts recommend.
8/12/20201 minute, 54 seconds
Episode Artwork

5 Next Steps After You Receive a Vendor Contract

Once you receive a vendor contract, there are specific steps that you should take for a more successful process. This 90-second podcast covers the 5 most important steps our experts recommend you're following.
8/5/20201 minute, 37 seconds
Episode Artwork

7 Must-Haves for Vendor Management Examiners Right Now

The process of conducting vendor management exams has changed drastically during the pandemic. Whether your exam is conducted in-person or remotely, this podcast covers the 5 most important items you should always have prepared.
7/29/20201 minute, 44 seconds
Episode Artwork

Interview: Jenn Wilkinson, VP of Strategic Vendor Management at Cenlar FSB

Jenn Wilkinson, Vice President of Strategic Vendor Management at Cenlar FSB, shares her thoughts on how organizations are currently managing third-party risk and dives deeper into the process of building a vendor management program from the ground up. She also discusses why your program should be tailored to the specific needs of your organization, the importance of having a strong vendor management team and how the recent pandemic has brought third-party risk management challenges for the industry.
7/22/202023 minutes, 42 seconds
Episode Artwork

The Hazards of Incomplete Vendor Due Diligence

By not being aware of the hazards of incomplete vendor due diligence, you could be putting your organization at risk. Listen to this 90-second podcast for the most important hazards to know.
7/15/20202 minutes, 13 seconds
Episode Artwork

3 Questions to Include in Vendor Information Security Assessment Questionnaires

Asking the right questions in your vendor information security assessment questionnaires can prevent future headaches down the road. Listen to this week’s podcast to find out three important questions we recommend you include in your questionnaire.
6/24/20201 minute, 47 seconds
Episode Artwork

What Is Vendor Business Continuity Management?

Understand the basics of business continuity management with this 90-second podcast that breaks down what you need to know about the process.
6/24/20201 minute, 41 seconds
Episode Artwork

5 Requests to Always Negotiate into a Vendor Contract

There are important requests you need to include in all of your vendor contract negotiations. These 5 will help set your organization up for success. Find out what they are by listening to this podcast.
6/24/20202 minutes, 2 seconds
Episode Artwork

Handling Problem Vendors

Listen this roundtable discussion to hear from three third-party risk management experts as they share their thoughts on handling problem vendors who won't play nice in the sandbox.
6/2/202025 minutes, 57 seconds
Episode Artwork

5 Signs It's Time to Augment Third-Party Risk Staff

With so many different components and responsibilities involved in third-party risk management, organizations may not have the internal capabilities to properly manage every step of the process. Listen to this podcast to learn how to determine if your organization could benefit from outsourcing vendor management support.
5/27/20202 minutes, 10 seconds
Episode Artwork

7 Steps to Take When You Have a Vulnerable Vendor

You should be proactively taking steps to mitigate risks posed by potentially vulnerable vendors. This podcast covers seven steps you can take to ensure your organization is safe against vulnerable vendors.
5/20/20202 minutes, 13 seconds
Episode Artwork

Understanding Vendor Cybersecurity Posture with the CIA Triad

There are three key components of information security that you should monitor when analyzing your vendor’s information security strength. These components are known as the CIA Triad and the foundation for strong vendor cybersecurity posture. Listen to this 90-second podcast to understand the CIA Triad.
5/13/20202 minutes
Episode Artwork

10 Quick Signs Your Vendor's Financial Performance Is Declining

Monitoring your vendors and their financial performance is more important than ever with the current pandemic. Protect your organization by looking out for the 10 signs covered in this 90-second podcast that will indicate your vendor's financial performance is declining.
5/6/20201 minute, 51 seconds
Episode Artwork

5 Vendor Pandemic Planning Takeaways Learned from COVID-19

The recent pandemic is an important reminder that no organization is immune to business impacting events. To be better prepared for future situations similar to COVID-19, use these 5 takeways for third-party risk management.
4/29/20202 minutes, 10 seconds
Episode Artwork

What to Know About the FDIC Fintech and Third Parties Guide

There are specific third-party risk management regulatory requirements for banking and fintech organizations. Listen to this week's 90-second podcast to learn what you need to know about the FDIC guide for vendor risk management.
4/22/20202 minutes, 38 seconds
Episode Artwork

3 Constant Requirements in the Vendor Lifecycle

Each step in the vendor management lifecycle a unique process and recommended best practices. However there are 3 requirements that you should maintain throughout the entire cycle. Listen to this week's 90-second podcast to learn what they are.
4/8/20201 minute, 51 seconds
Episode Artwork

5 Next Steps After the Vendor Management Exam Concludes

While preparing for a vendor management exam is a crucial step in the process, how you follow-up after the exam is equally as important. Listen to this week’s 90-second podcast that will cover the 5 next steps you should be taking after a vendor management exam concludes.
4/1/20201 minute, 54 seconds
Episode Artwork

4 Ways to Optimize Ongoing Vendor Oversight

Ongoing oversight of your vendors is a key component of successfully managing third-party risk. By periodically conducting due diligence you will be able to ensure your vendors are still meeting your organization’s needs. This 90-second podcast covers 4 tips that will help get you started.
3/18/20202 minutes, 1 second
Episode Artwork

Overview of the 7 Pillars of Vendor Management

There are 7 fundamental elements of a strong vendor management. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third-party risk program.
3/11/20201 minute, 30 seconds
Episode Artwork

4 Underlying Reasons Why Vendor Financial Reviews Are Critical

Does your organization understand your vendor’s financial viability and performance? If not, it’s important that you start. Here are 4 reasons why your vendor’s financial performance is crucial for your organization to report on.
3/4/20201 minute, 37 seconds
Episode Artwork

4 Tips to Help Make Vendor Management a Priority

Proper vendor risk management is important to meet regulatory guidelines and is a critical component to your organizations’ overall success. Listen to this podcast for 4 steps you need take in order to make third-party risk a key priority in your organization.
2/18/20202 minutes, 7 seconds
Episode Artwork

Who, What And Why Of A Vendor Risk Appetite Statement?

Do you need help getting started determining what your vendor risk appetite is? This podcast breaks down the common questions you may have when it comes to determining what your organization’s risk appetite is.
2/12/20202 minutes, 16 seconds
Episode Artwork

6 Tips for a Strong Vendor Management Program

Your vendor management program should be specific and unique to your organization’s needs. To help you be more successful, listen to the 6 best practices covered in this podcast for creating a solid third-party risk program.
2/5/20201 minute, 55 seconds
Episode Artwork

Understanding Initial Vendor Due Diligence

Initial due diligence is important for a few important reasons. Listen to this week’s podcast to break down what initial due diligence is, and why your organization should incorporate it into your vendor management program.
1/29/20201 minute, 36 seconds
Episode Artwork

The 6 Primary Categories Of Vendor Risk

Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.
1/22/20201 minute, 57 seconds
Episode Artwork

4 Similar Yet Different Vendor Management Concepts

Vendor management, enterprise risk management, vendor risk management and third party risk management each have a different meaning. Each concept brings varying components to an organization’s overall structure. Listen to this podcast to dive deeper into each concept.
1/8/20201 minute, 58 seconds
Episode Artwork

5 Next Steps To Address Repeat Vendor SLA Failures

When your vendor is repeatedly failing to meet the SLA requirements outlined in your contract it can have negative consequences on your organization. Use the 5 steps covered in this podcast to help you navigate how to manage vendor SLA failures.
12/31/20191 minute, 36 seconds
Episode Artwork

7 Steps to Take If It’s Time for a New Vendor in 2020

If your vendor is no longer meeting your organization’s needs, it may be time to start searching for a new vendor. Listen to this week’s 90-second podcast for 7 steps you should be taking if you think it’s time for a new vendor in 2020.
12/18/20191 minute, 42 seconds
Episode Artwork

4 Big Third-Party Risk Management Updates from 2019

Now that the year is coming to an end, it’s a good time to reflect on the big events that happened with third party risk management in 2019. Use the lessons and guidance learned this year to help your organization be more successful with vendor management in 2020.
12/11/20191 minute, 54 seconds
Episode Artwork

4 Best Practices to Improve Your Vendor Due Diligence Strategy

Managing vendor due diligence properly requires periodic updates to your process to ensure your organization is being as thorough and efficient as possible. Listen to this 90-second podcast to hear our expert tips for improving your vendor due diligence strategy.
12/4/20191 minute, 38 seconds
Episode Artwork

5 Best Practices of Successful Vendor Risk Assessments

One of the most crucial aspects of vendor management is performing a third party risk assessment. To help you get with this important part of the process, listen to this 90-second podcast that covers 5 best practices for conducting vendor risk assessments.
11/19/20191 minute, 47 seconds
Episode Artwork

8 Best Practices for Creating or Updating Your Vendor Management Program Documentation

Vendor management is constantly evolving and it’s important to keep your program as up to date as possible. Whether you’re creating your policy for the first time, or revisiting it, make sure you check out these 8 best practices to help get you started.
11/13/20191 minute, 33 seconds
Episode Artwork

Why Vendor Complaints Matter and What You Can Do

Customer complaints are a fact of life in the world we live in today. This is why you need to also monitor your vendor's complaints as a critical part of third party risk management. Listen to this week's 90-second podcast for more information.
11/6/20191 minute, 26 seconds
Episode Artwork

8 Benefits Of Vendor Risk Management

There are many benefits of vendor risk management. Understand why vendor risk is important and how to use these steps in your organization by listening to this 90-second podcast.
10/24/20192 minutes, 30 seconds
Episode Artwork

5 Tips For Budget Planning In Third-Party Risk Management Risk

Budget season is upon us! Prepare yourself and your organization by planning ahead now for third party risk. Listen to this 90-second podcast to hear 5 tips for budget planning for vendor risk management.
10/16/20191 minute, 30 seconds
Episode Artwork

Is Your Vendor's Cybersecurity Your Weak Link? Avoid the Horror

You need to protect your organization by reviewing your vendor’s cybersecurity posture to know if they are a weak link when it comes to protecting important data. Gain a better understanding of what specific items you need to look for in your vendor’s cybersecurity plan with this 90-second podcast.
10/9/20191 minute, 42 seconds
Episode Artwork

6 Best Practices For Managing Third-Party Cybersecurity Risk

You can respond, prevent and detect third party cybersecurity issues with proper vendor management processes in place. Listen to this 90-second podcast for 6 steps to take to manage third party cybersecurity risk.
10/2/20191 minute, 55 seconds
Episode Artwork

11 Items to Look for in Your Critical Vendor’s Business Continuity Plan

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.
9/25/20191 minute, 41 seconds
Episode Artwork

Interview: Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, on Third-Party Risk

Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, shares his perspective on regulatory compliances and his thoughts on the OCC’s Fintech charter. He also discusses general challenges organizations are facing when it comes to third party risk management and covers best practices to overcome those hurdles.
9/11/201919 minutes, 32 seconds
Episode Artwork

10 Ways to Improve Your Third-Party Risk Management Program

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.
9/4/20191 minute, 36 seconds
Episode Artwork

7 Steps To Take After Receiving A Vendor SOC Report

One of the most important steps in the vendor due diligence process is reviewing your vendor’s SOC report. Once you receive a SOC report from your vendor there are certain steps you can take to make the process more efficient. Listen to this week’s podcast to find out 7 steps to take once you receive a vendor SOC report.
8/21/20191 minute, 37 seconds
Episode Artwork

5 Ways to Prevent Problems in Third-Party Risk

The constant shift can lead to occasional problems in third party risk management. If you take the time to manage the process correctly and implement specific procedures it could help you avoid costly errors down the line. Listen to this week’s podcast to find out more about how to prevent third party risk problems.
8/14/20191 minute, 39 seconds
Episode Artwork

8 Steps to Prepare for a Third-Party Risk Management Examination or Audit

Prepping for an audit can be a stressful, especially if you are scrambling last minute to finish up vendor management tasks. However, you can help organize your team before you receive an exam or audit notice. In this 90 second podcast you’re going to learn 9 steps to help you prepare in advanced.
7/31/20192 minutes, 15 seconds
Episode Artwork

Interview: Jo Ann Barefoot, CEO at Barefoot Innovation Group, on Third-Party Risk

Jo Ann Barefoot, CEO at Barefoot Innovation group and Cofounder at Hummingbird Regtech, shares her thought provoking insight on how organizations are handling third party risk management in this industry interview. Using her extensive experience in the industry, Jo Ann shares best practices for dealing with regtech vendors – including tips for the vetting process and cybersecurity management.
7/17/201921 minutes, 10 seconds
Episode Artwork

3 Reasons to Keep Your Third-Party Risk Management Program Independent

Keeping your third party risk management efforts independent from other business processes is critical. In this 90-second podcast, we cover the 3 most important reasons why you need to keep third party risk workflows separate.
7/10/20191 minute, 30 seconds
Episode Artwork

Interview: Michael Donnella, Corporate Compliance Officer, Murphy Oil Corporation, Third-Party Risk

This Thought Leadership Interview features Michael Donnella, Corporate Compliance Officer of Murphy Oil Corporation. Michael shares his unique perspective on corporate compliance, and why having a culture of compliance in third party risk management is crucial for organizations. He also shares his thoughts on the current state of third party risk in the industry and challenges organizations face.
6/26/201932 minutes, 52 seconds
Episode Artwork

How to Determine Vendor Regulatory Risk

Regulatory risk is used to determine the vendor risk rating. Listen to this 90-second podcast to learn about how you can determine a vendor's regulatory risk.
6/12/20192 minutes, 6 seconds
Episode Artwork

5 Mid-2019 Tips to Be Proactive in Vendor Management

With 2019 well underway, we decided to put together some tips to help you stay proactive in vendor management. Listen to this 90-second podcast to get a quick refresher on third party risk best practices.
5/22/20191 minute, 28 seconds
Episode Artwork

Interview: Lori Frank, President and CEO at Argos Risk, on Third-Party Risk

This Thought Leadership Interview features Lori Frank, President and CEO of Argos Risk. During this thought-provoking interview, Lori covers current third party risk management challenges and shifts in ongoing monitoring trends that organizations are facing today. Lori also discusses in-depth best practices for third party risk and complaint management you can use to protect your organization.
5/8/201921 minutes, 47 seconds
Episode Artwork

Developing an Effective Complaint Management System

Your customers will complain at times. How your organization manages and responds to complaints has become critical. It also will help spot issues with vendors. Here are some tips to help you develop an effective complaint management system.
5/1/20192 minutes
Episode Artwork

Fourth-Party Vendor Risk Management

Fourth party risk is an important step in the vendor management process. In your contract with every one of your third party vendors you should include how you want your third party to handle communicating with you about a fourth party vendor. Here are some fourth party risk management steps you should take to better protect your organization.
4/24/20192 minutes, 31 seconds
Episode Artwork

5 Steps to Measuring Your Vendors Financial Health

Thoroughly evaluating a vendor’s performance is more than just about the numbers. It can help you discover weak financials which can indicate numerous risk factors. Here are 5 steps to measuring your vendor's financial health.
4/10/20191 minute, 19 seconds
Episode Artwork

6 Vendor Management Best Practices

Vendor contract management is the administration of written agreements with third parties that provide your organization with products or services. The process includes contract negotiation, creation, execution and analysis. In this 90 second podcast you’re going to learn what vendor contract management is and some best practices that we recommend.
4/3/20191 minute, 51 seconds
Episode Artwork

Interview: Jennie Fowler, Director of EPMO & Vendor Management Officer at ACA, on Third-Party Risk

This Thought Leadership Interview features Jennie Fowler, Vendor Management Officer with American Credit Acceptance. Throughout the interview, Jennie shares how financial institutions are doing in Third Party Risk Management and the current struggles that company’s are facing today. Jennie shares her experience and recommendations to help obtain buy in and support from the C-suite when it comes to vendor management.
3/13/201914 minutes, 40 seconds
Episode Artwork

Do I Have to Risk Rate Every Vendor?

Sometimes a vendor may not pose enough risk to an organization to make it needed to actively monitor; therefore, some organizations choose to write certain third parties out of scope. In this 90-second podcast, we will cover the steps you need to take to determine the vendors that need to be included in your vendor oversight and how to best assess risk.
3/6/20191 minute, 41 seconds
Episode Artwork

Interview: Nicole DeSantis, Associate General Counsel at Rabobank, on Third-Party Risk

This interview focuses on the unique perspective of Nicole DeSantis at Rabobank. Nicole discusses the three lines of defense model discussion and why this discipline should be implemented at your organization. She also talks about how there should be a well-developed vendor management structure at all organizations regardless of the size. And, as a GDPR expert, Nicole shares her thoughts on future GDPR implications on U.S. corporations.
2/20/201921 minutes, 38 seconds
Episode Artwork

8 Tips on Maintaining Good Vendor Relationships

Maintaining strong vendor management relationships will help lead to a successful partnership for your organization. In today’s podcast, we’ll cover 8 important tips to maintain good vendor relationships in 90 seconds.
2/13/20191 minute, 32 seconds
Episode Artwork

Your Third Parties - Potential UDAAP Risk

Since becoming one of the primary points of focus for the Consumer Financial Protection Bureau (CFPB), UDAAP has presented some concern to third party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.
2/6/20191 minute, 38 seconds
Episode Artwork

7 Reasons Why You Shouldn’t Use Spreadsheets for Vendor Risk Management

With the increase in regulations and vendor oversight requirements, managing your vendors with a spreadsheet will prove to be very inefficient. Here are 7 reasons why spreadsheets will not cut it anymore, especially in 2019.
1/31/20193 minutes, 35 seconds
Episode Artwork

4 Important Vendor Risk Management FAQs for Beginners

In today's podcast we’re going to discuss 4 important vendor risk management frequently asked questions for beginners. What vendor risk management is, why it’s important, who is involved and how vendor risk management is completed.
1/24/20194 minutes, 20 seconds
Episode Artwork

5 Quick Tips for Developing a Vendor Risk Assessment Template

Creating a vendor risk assessment template, commonly known as a VRA questionnaire can be quite the daunting task. In today’s podcast, we will cover 5 tips and recommendations to help you build a solid foundation for your vendor risk assessment template.
1/17/20192 minutes, 57 seconds
Episode Artwork

Interview: Spencer Knibbe, Co-Founder and Partner of MBK Search, on Third-Party Risk

This interview focuses on the role of vendor management in financial intuitions from a legal and regulatory perspective. Spencer Knibbe answers key questions about the specific pain points organizations are currently experiencing for third party risk management, which includes data aggregation, organizational consistency, reporting and cybersecurity.
1/16/201912 minutes, 3 seconds
Episode Artwork

How to Write a Vendor Management Policy

For vendor management, there are three unique sets of documents that you're going to want to create and update. The first document you should focus on is writing a third party risk management policy. In today's podcast, we're going to cover steps that will assist you in getting starting writing an effective risk management policy.
1/9/20192 minutes, 50 seconds
Episode Artwork

Overview Of The Pillars Of Vendor Management

There are 6 fundamental elements of a strong vendor management policy. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third party risk policy.
1/2/20193 minutes, 52 seconds
Episode Artwork

5 Best Practices of Hiring Vendor Management Staff for 2019

Are you looking to expand your vendor management team in 2019? During today’s podcast we will discuss our top 5 recommendations to keep in mind while recruiting potential vendor management team candidates.
12/26/20181 minute, 57 seconds
Episode Artwork

7 Attributes of Good Vendor Managers to Continue in 2019

Vendor risk management is a complex job. It typically takes an individual who is meticulous in detail, thorough and patient to perform the job well. In today’s podcast, we’ll touch on some key attributes we’ve found in good vendor managers that should be continued in the new year.
12/12/20182 minutes, 52 seconds
Episode Artwork

Top 7 Best Practices in Vendor Risk Management

Since we’re nearing the end of the year, it’s a good time to reflect on 2018 and some of the vendor risk management best practices we’ve found to be very helpful. Let’s cover 7 of the 2018 best practices that should continue to be performed in the new year. They range from engaging the first line of defense through continuing education.
12/5/20182 minutes, 47 seconds
Episode Artwork

Interview: Keith Koo, from Guardian Insight Group and "Silicon Valley Insider", on Third-Party Risk

This interview covers qualifications that are needed on a third party risk management team, why cybersecurity risk is something that you can never really defeat and the importance of your response plan, how you can outsource the activity but you can’t outsource the risk - third party risk management burdens will continue to only get more complex and thought provoking conundrum about the introduction of decentralized technology, like a blockchain, and still accounting for third party risk.
12/4/201814 minutes, 35 seconds
Episode Artwork

10 Reasons to Be Thankful for Vendor Management

As we wrap up 2018, it’s a good time to reflect on the year and some of the reasons we’re thankful for a well-developed vendor management program. Listen to this podcast to learn 10 reasons to be thankful for vendor management.
11/20/20182 minutes, 14 seconds
Episode Artwork

Interview: Brian Tate, President & CEO at NBPCA, on Third-Party Risk Management

Listen to this interview with Brian Tate, President and CEO at Network Branded Prepaid Card Association (NBPCA) where he covers both a legal and industry perspective on third party risk, understanding the impact of fraud in third party risk management, how properly investing in third party risk management protects you and your organization, discussion regarding increased oversight at the state level and a post Dodd-Frank Act lesson - senior management and the board must be involved.
11/14/201820 minutes, 4 seconds
Episode Artwork

Preparing for Periodic Vendor Updates to the Board

As you wrap up 2018, it’s a good idea to think about your process for reporting to the board. Whether it’s your regularly scheduled, perhaps quarterly meeting, or whether it’s your summation of all activities for an annual board report, third party risk management needs to be a part of the board’s regular activities. Listen to today’s podcast where we’re going to touch on our recommendations to best prepare for periodic vendor updates to the board.
11/14/20184 minutes, 22 seconds
Episode Artwork

Following Up on Vendor Management Exam Findings

After an examiner pays you a visit and the report and recommendations are complete, it’s important to not only review the findings and recommendations but to also take follow-up action internally. Listen to this podcast where we discuss the five best practices you should be doing as a follow up to your exam.
11/7/20182 minutes, 59 seconds
Episode Artwork

The Basics of a Vendor Business Continuity Plan (BCP) Report

BCP stands for business continuity planning. Business continuity is what you do to ensure that key operations, products and services continue to be delivered either in full OR at a predetermined, and accepted, level of availability. Today, most people would have this outlined as part of a service level agreement (or SLA). When you think of business continuity and your vendor, it covers things like what would they do in the event of a loss of personnel, if their facilities or services were down; what their planning with public entities such as emergency services is like, and communications with their own identified key vendors, their clients like you, employees and the media. Listen to this podcast where we discuss the basics of a BCP Report.
11/1/20184 minutes, 56 seconds
Episode Artwork

Vendor Management Expectations in 2019 - Are You Prepared?

Listen as we discuss seven vendor risk management expectations for 2019, what to focus on and tips for each. Topics include cybersecurity, increasing regulatory requirements, compliance concerns, the OCC fintech charter, changes in political landscape, GDPR and responding to change in general.
10/17/20183 minutes, 32 seconds
Episode Artwork

Interview: Ashley Kelley, VP of ERM at Atlanta Postal Credit Union, on Third-Party Risk Management

Listen to our exclusive interview with Ashley Kelley, VP of ERM at Atlanta Postal Credit Union, as part of our Thought Leadership Series where we talk with many of the industry's sought-after leaders to discuss third party risk management. Listen to this interview with Ashley Kelley for discussions on: A credit union expert's perspective on third party risk management overall Centralizing third party risk management - why it can be a struggle but is very needed Insight from the VP for the International Association of Financial Crimes Investigators (IAFCI) on cybersecurity expectations and concerns
10/10/201814 minutes, 46 seconds
Episode Artwork

Quick Tips for Developing Your Third-Party Policy, Program and Procedures

A well-developed policy, program and procedure documents are all crucial to the success of an organization’s third party risk management department. Listen for some quick tips to help you develop, or revamp, your third party policy, program and procedures.
10/10/20182 minutes, 44 seconds
Episode Artwork

What is the Difference Between a Vendor SOC 1 and SOC 2 Report?

SOC reports differ based on what they cover, how the auditor performs the assessment and level of detail. This way, the vendor can avoid each client performing their own audit of the vendor’s system. Listen now to learn the differences between a SOC 1 and SOC 2 report and Type 1 and Type 2.
10/3/20182 minutes, 23 seconds
Episode Artwork

11 Reasons for a Third-Party Risk Management Budget in 2019

If done right, third party risk management is a strategic advantage. It’s an expense but also the best way to defend your company when risk is posed. In this podcast, we'll go through 10 reasons to consider your third party risk management department/program when budgeting for the upcoming year.
9/19/20183 minutes, 3 seconds
Episode Artwork

Interview: Michael Morris, Systems Partner at Porter Keadle Moore, LLP on Vendor Risk

This interview covers an auditor's perspective on how organizations are addressing third party risk management, best practices for managing risk, addressing today's cybersecurity threats and risks, top areas of concern for a SOC audit report, the importance of your subservice vendors (aka your vendor's vendor or fourth party), pre-contract considerations, vendor oversight and how vendor risk management training at the board level helps.
9/12/201813 minutes, 54 seconds
Episode Artwork

Budgeting for 2019: 5 Vendor Contract Considerations

When budgeting for the upcoming year, its a best practice to consider the costs associated with negotiating key contract terms and pricing. Listen as Venminder CFO, Mike Campbell, covers 5 vendor contract considerations for your 2019 budget.
9/12/20183 minutes, 7 seconds
Episode Artwork

Vendor Risk Management and FFIEC Appendix J

Learn how FFIEC’s Appendix J relates to your vendor risk management program, four key elements of business continuity planning that you should address when contracting with a third party service provider and our recommendations to best incorporate Appendix J into your vendor risk management program.
9/5/20183 minutes, 5 seconds
Episode Artwork

5 Third-Party Risk Management Best Practices for a Fintech Provider

As a fintech provider, your third party risk management process will become well-developed and more organized by following these 5 best practices. In turn, your clients will feel much more at ease when selecting you as their preferred vendor of choice to continue doing business with. It’s a win for both parties. Listen now.
8/22/20183 minutes, 11 seconds
Episode Artwork

The Importance of Vendor Due Diligence

We know that vendor vetting and ongoing monitoring are both important stages of the vendor lifecycle and due diligence process, however, why exactly is due diligence so important for vendor risk management? Listen to learn the top 5 reasons.
8/16/20182 minutes, 40 seconds
Episode Artwork

4 Best Practices to Take Away During a Breach

We all hope to never experience a breach at our organization, but if it does happen, do you know what to do? You can minimize the chance of it happening again by using those mistakes to improve your third party risk management program. Listen to Third Party Thursday now for 4 best practices.
8/8/20182 minutes, 33 seconds
Episode Artwork

Tips To Balance Third-Party Risk Management Tasks

Balance is incredibly important, especially in this industry. Listen to this podcast to learn 6 tips to balance your Third Party Risk Management tasks.
8/1/20183 minutes
Episode Artwork

Interview: Amy Hanna Keeney, Attorney with Adams and Reese LLP, on Vendor Risk

Listen to this interview where Amy Hanna Keeney, Attorney with Adams and Reese LLP, talks about Vendor Risk.
7/31/201815 minutes, 17 seconds
Episode Artwork

How to Do a Vendor Risk Assessment

Learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices.
7/18/20184 minutes, 6 seconds
Episode Artwork

Improving The Process And Documenting a Mid-Year Third-Party Risk Management Progress Check

You've completed the 6 steps and best practices for a mid-year third party risk management progress check, so now what? Listen to our vendor risk management podcast to learn the next steps to take, how to document the findings and improving upon the process. Tune in to Third Party Thursday now.
7/11/20183 minutes, 31 seconds
Episode Artwork

Interview: Loraine DeBonis at Ubiquity Compliance Solutions on Vendor Risk

Join Venminder's interview with Loraine DeBonis at Ubiquity Compliance Solutions for key takeaways from a panelist at the NBPCA’s Power of Prepaid conference perspective, challenges banks & prepaid program managers are facing regarding the Fed’s Regulation E, improving risk management and more.
7/10/201814 minutes, 49 seconds
Episode Artwork

How to Do a Mid-Year Third-Party Risk Management Progress Check

Listen to this vendor management podcast to learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices. Tune in to Third Party Thursday now.
7/5/20183 minutes, 24 seconds
Episode Artwork

Interview: Ed DeMarco of the Risk Management Association on Vendor Risk

Join Venminder's interview with Ed DeMarco, General Counsel and Director of Operational Risk & Regulatory Relations/Communications at the Risk Management Association (RMA), for information on vendor risk management challenges & best practices, cyber, vendor oversight, regulatory compliance & more.
6/26/201820 minutes, 40 seconds
Episode Artwork

Fundamentals of Business Continuity Planning (BCP) within Vendor Management

Business Continuity Planning (BCP) is important to you and your vendors. Listen to this podcast as we talk about the fundamentals and guide you through creating or reviewing BCPs - the appropriate regulatory guidance to follow, what to plan for, what to restore first and how to recover.
6/20/20182 minutes, 9 seconds
Episode Artwork

9 Tips to Prepare for a Third-Party Risk Exam

Don’t panic about the notification of a third party risk exam - we can help you prepare for the examiner's arrival. 3-4 months in advance of the examiners’ arrival, you should prepare or fine-tune the 9 following documentation items. Listen to this vendor risk management podcast to learn more.
6/13/20184 minutes
Episode Artwork

Interview: Jim Hussey, Founder of IT-TPRM.com, on Third-Party Risk Management

Join Venminder's interview with Jim Hussey, Founder of IT-TPRM.com, for a discussion on vendor risk management challenges, why you should place heavier focus on technology or fintech risk, how to engage the first line of defense, advice on meeting OCC lifecycle expectations, best practices and more.
6/12/201814 minutes, 10 seconds
Episode Artwork

Understanding Your Vendor's SOC Report - The Basics

What is a SOC report? A SOC report is an independent audit report performed by a public accounting firm and attests to the existence and effectiveness of the controls put in place to safeguard your data. Listen to this podcast as we break down 6 of the most important parts of your vendor's SOC report.
6/6/20184 minutes, 4 seconds
Episode Artwork

7 First Line of Defense Best Practices for Vendor Risk Management

Listen to this week's Third Party Thursday Podcast to learn about the lines of defense, specifically the first line, as it relates to vendor risk management.
5/23/20184 minutes, 44 seconds
Episode Artwork

Interview: Andrew Lorentz, Partner at Davis Wright Tremaine LLP, on Third-Party Risk Management

Listen to this interview with Andrew Lorentz, Partner at Davis Wright Tremaine LLP to hear his perspective on Third Party Risk Management.
5/22/201818 minutes, 53 seconds
Episode Artwork

Fourth Party Vendor Monitoring

Fourth party risk and liability is often overlooked because there isn't direct relationship with the fourth party vendor. It’s important to always know your vendor and this waterfalls down to fourth and third parties. Listen now for the 3 oversight steps to take regarding your fourth party vendors.
5/16/20183 minutes, 31 seconds
Episode Artwork

The 3 Vendor Risk Management Frameworks

There are three vendor management models that we typically see: centralized, decentralized and a hybrid approach. These allow the vendor risk manager to set standards while allowing for communication through the relationship manager and on to the vendor. Listen to this Third Party Thursday where we'll cover the differences between the three and determine which is best for you.
5/9/20184 minutes, 30 seconds
Episode Artwork

Criticality and Vendor Oversight

When determining your level of oversight on a vendor, you’ll clearly want to determine their criticality and risk level first. This is an essential and ongoing process for mitigating vendor risk. Listen to this podcast to help guide you through the process.
5/2/20186 minutes, 16 seconds
Episode Artwork

Interview: Glen Trudel, Partner at Ballard Spahr on Third-Party Risk Management

This interview covers biggest third party risk struggles financial institutions are facing, how to handle ongoing vendor risk management, addressing cybersecurity, board demonstrating their involvement, industry expectations and more.
4/24/201819 minutes, 37 seconds
Episode Artwork

Non-Elective Vendor Oversight Responsibility

While the General Data Protection Regulation, aka GDPR, is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25, 2018. Listen to Third Party Thursday to learn what you need to know about GDPR and third party risk in order to be prepared and stay in compliance.
4/18/20184 minutes, 45 seconds
Episode Artwork

How to Fit Third-Party Risk Management into your ERM Program

Often times, people get confused between Enterprise Risk Management (ERM) and Third Party Risk Management (TPRM). In the past, we've covered the technical differences between ERM and third party risk management. Today, Third Party Thursday covers steps and tips on how to properly integrate Third Party Risk Management in your Enterprise Risk Management Program.
4/11/20182 minutes, 31 seconds
Episode Artwork

Interview: James Russell, CPA at Russell Bank Consulting on Third-Party Risk Management

Listen to this interview to hear James Russell, CPA at Russell Bank Consulting as he provide insight into third party risk management from his perspective as an auditor. You will discussions on: * Third party management changes over the last decade * Common third party risk management issues during examination * A real life example of a third party risk management relationship that went downhill
4/5/201819 minutes, 52 seconds
Episode Artwork

How GDPR Impacts Third-Party Risk Management

While the General Data Protection Regulation, aka, GDPR is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25th, 2018. Listen to this Third Party Thursday podcast to learn what you need to know about GDPR in order to be prepared and stay in compliance.
3/28/20183 minutes, 42 seconds
Episode Artwork

ERM vs. TPRM

Join us for today's Third Party Thursday podcast. It covers the difference between ERM and TPRM, and why you should be paying extra attention to third party risk management inside of your enterprise risk management.
3/21/20181 minute, 37 seconds
Episode Artwork

How Much Staffing is Needed to do Third-Party Risk Management?

Branan Cooper, Venminder's Chief Risk Officer will walk you through several factors to consider when determining how much staff is needed to do third party risk management well.
3/14/20182 minutes, 44 seconds
Episode Artwork

Five Common Pitfalls in Vendor Contracts

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper will focus on the contracts themselves and some common pitfalls as well as a few ideas of how to avoid them.
3/7/20182 minutes, 24 seconds
Episode Artwork

Interview: Elizabeth Khalil, Partner at Dykema Gossett on Third-Party Risk Management

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper interviews Elizabeth Khalil, Partner at Dykema Gossett PLLC on her thoughts on Third Party Risk Management.
3/6/201822 minutes, 19 seconds
Episode Artwork

Interview: Marilyn Bochicchio, Founder of Hidden Brain, on Third-Party Risk Management

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper chats with Marilyn Bochicchio, Founder of Hidden Brain on her thoughts on third party risk management.
3/6/201816 minutes, 16 seconds
Episode Artwork

Creating Awareness of Third-Party Risk Management within Your Organization

Join us to learn tips on how you can help foster a third party risk management mindset within your team and organization.
2/28/20182 minutes, 29 seconds
Episode Artwork

9 Key Components of a Successful Third-Party Risk Management Plan

Listen to this week's podcast as it covers 9 key components to implement into your own third party risk management program.
2/14/20183 minutes, 17 seconds
Episode Artwork

Consumer Complaints and Vendor Management

Consumer complaints are an expense of being in business, but also a chance to respond and turn it around to a more positive interaction and fix vendor management issues. Learn how in Third Party Thursday.
2/7/20182 minutes, 32 seconds
Episode Artwork

Third-Party Risk Management Regulatory Compliance During Regulatory Change

Daily vendor management regulatory compliance efforts you can implement in order to keep up with third party risk regulatory reform.
1/31/20181 minute, 46 seconds
Episode Artwork

Interview: David Stevens, President & CEO of MBA, on Third-Party Risk Management

This interview covers cost benefit analysis of compliance, regulations that effected and are currently effecting the lending industry, outsourcing risk management functions, third party risk strategy, advice from the MBA perspective on consumer data breaches, data security, cybersecurity, lessons learned from the housing crisis and the CFPB relation to regulatory compliance.
1/31/201825 minutes, 43 seconds
Episode Artwork

Interview: Shane Martin, EVP of InHouseUSA, on Third-Party Risk Management

Listen as we take a deep dive into the application of third party risk in the world of appraisal management. Two experienced mortgage professionals talk about how to stay in compliance, how outsourced vendor management solutions help, best practices for selecting and managing appraisers, what types of due diligence you need to do for Appraisal Management Companies (AMCs), Dodd Frank, regulatory compliance challenges and differences between internal appraisal management and outsourcing to an AMC solution provider.
1/30/201818 minutes, 57 seconds
Episode Artwork

Interview: Suresh Ramakrishnan, SVP of Ascendum Solutions, on Third-Party Risk Management

Learn all about outsourcing third party risk functions in this in-depth podcast. Two seasoned mortgage lending industry experts provide an inside look into the benefits and risks associated with offshoring and outsourcing solutions and services, the difference in attitudes between early adopters of outsourcing to provide strategic advantages, the hurdles late adopters have regarding data security and a mindset of a loss of control, best practices and how outsourcing (if managed correctly) can provide greater efficiencies, reduce your workload and help with cost management.
1/30/201815 minutes, 45 seconds
Episode Artwork

UDAAP and What It Means to Your Third-Party Risk Management Program

What you need to know about Unfair Deceptive or Abusive Acts and Practices) and how they effect your third party risk management program.
1/17/20182 minutes, 46 seconds
Episode Artwork

Due Diligence on Your Fintech Vendors

How to determine which due diligence questions to ask and what standard should firmly be expected of your Fintech vendors.
1/10/20182 minutes, 39 seconds
Episode Artwork

Third-Party Risk Management Year End 2017

Listen as we wrap up the 2017 Third Party Thursday Series with one final podcast for the year and we want to thank you!
12/27/201748 seconds
Episode Artwork

Why It's Important to Stay Abreast of New Vendor Management Regulatory Guidance

If you don't stay up to date on new regulations, you'll find yourself out of compliance and perhaps out of business. Listen to our podcast for several reason why you need to stay up-to-date on vendor management regulatory guidance.
12/20/20172 minutes, 6 seconds
Episode Artwork

Vendor Classification

Learn about 'bucketing' your vendors and how this classification system can help you with third party oversight and ongoing monitoring.
12/13/20172 minutes, 13 seconds
Episode Artwork

Developing an Effective Complaint Management System for Vendor Management

A well run compliant management system can take an upset customer and turn them into your best customer. Listen to learn what to include in your compliant policy and compliant management system.
12/6/20172 minutes, 32 seconds
Episode Artwork

What Should Be in Your Third-Party Risk Examination Preparation Handbook

It covers what should be in your examination preparation handbook - from the best strategy to tips on how to stay ready, we've got you covered!
11/30/20173 minutes, 40 seconds
Episode Artwork

How to Properly Identify Your Critical Vendors

Learn how to properly identify your critical third party vendors.
11/22/20171 minute, 46 seconds
Episode Artwork

Learning the Fundamentals of Third-Party Risk Management

Learn the key takeaways from important third party risk regulatory guidance released by the OCC, FDIC, and FFIEC.
11/15/20171 minute, 25 seconds
Episode Artwork

Third-Party Risk Management Education Best Practices

Maybe you're brand new to third party risk management, or maybe you've been doing it since the time it was known as generally a quality assurance function and nothing else. Either way, listen to learn how keeping abreast of best practices and staying informed on the regulatory environment are great ideas for everyone involved.
11/8/20171 minute, 43 seconds
Episode Artwork

Prevention of Problems in Third-Party Risk

Learn how being proactive can ultimately prevent problems in third party risk management. Our expert gives three examples of how you can be proactive.
11/1/20171 minute, 53 seconds
Episode Artwork

Learning From Enforcement Actions

What do you do when you find out one of your third parties is named in an enforcement action, even if unrelated to your institution? Listen to this podcast for six tips from a third party risk expert.
10/25/20172 minutes, 11 seconds
Episode Artwork

Creating a Culture of Compliance for Vendor Management

It covers creating a culture of compliance to have successful vendor management. We'll discuss what that means and how to get it.
10/19/20171 minute, 30 seconds
Episode Artwork

Do I Have to Risk Rate Every Vendor?

We'll cover why it's necessary to risk rate EVERY vendor when conducting your vendor risk assessments. And, we'll give a couple quick tips in doing so.
10/12/20171 minute, 37 seconds
Episode Artwork

Vendor Management Board Reporting

Learn which third party activities your board should be involved in according to regulators, and what information is essential in a board report.
9/28/20171 minute, 30 seconds
Episode Artwork

UDAAP - Unfair, Deceptive or Abusive Acts or Practices

Learn from our Chief Risk Officer about Unfair, Deceptive, Abusive Acts and Practices, the role of the CFPB and enforcement actions in the world of third party risk.
9/14/20172 minutes, 33 seconds
Episode Artwork

Brand Names and Vendor Due Diligence

Brand Names and Vendor Due Diligence by Third-Party Risk Education
8/31/20171 minute, 33 seconds
Episode Artwork

Guidance on OCC Bulletins 2017-7 and 2017-21

Listen to this podcast to learn key takeaways from two OCC bulletins issued this year on third party risk management, OCC Bulletins 2017-7 and 2017-21.
8/3/20171 minute, 55 seconds
Episode Artwork

The Basic Concepts of Third-Party Risk Management Framework

Learn the basics of the third party risk management framework including how it relates to enterprise risk management (ERM).
7/27/20171 minute, 26 seconds
Episode Artwork

Best Practices of Vendor Contract Management

Listen to this podcast to learn about vendor contract management from our experts, the importance of contracts to your institution and what steps you should take to protect your institution.
7/20/20172 minutes, 11 seconds
Episode Artwork

FFIEC Appendix J and E

FFIEC Appendix J and E by Third-Party Risk Education
7/13/20172 minutes, 42 seconds
Episode Artwork

7 Vendor Risk Attributes to Consider

Learn the 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.
7/13/20172 minutes, 39 seconds
Episode Artwork

Analyzing SOC Controls

Analyzing SOC Controls by Third-Party Risk Education
6/30/20175 minutes, 10 seconds
Episode Artwork

CIA Triad Within Vendor Management

CIA Triad Within Vendor Management by Third-Party Risk Education
6/30/20172 minutes, 35 seconds
Episode Artwork

How, When & Why To Use a Vendor Information Security Questionnaire

How, When & Why To Use a Vendor Information Security Questionnaire by Third-Party Risk Education
6/30/20172 minutes, 47 seconds
Episode Artwork

What Is SSAE 18?

What Is SSAE 18? by Third-Party Risk Education
6/30/20174 minutes, 27 seconds
Episode Artwork

Understanding Vendor SOC Scope, Time And Narrative

Understanding Vendor SOC Scope, Time And Narrative by Third-Party Risk Education
6/30/20173 minutes, 22 seconds
Episode Artwork

5 Types Of Vendor SOC Reports

5 Types Of Vendor SOC Reports by Third-Party Risk Education
6/30/20174 minutes, 2 seconds
Episode Artwork

FFIEC's Cybersecurity Assessment Tool

FFIEC's Cybersecurity Assessment Tool by Third-Party Risk Education
6/30/20173 minutes, 1 second
Episode Artwork

3 Key Points To Review In Service Organization Controls (SOC) Reports

3 Key Points To Review In Service Organization Controls (SOC) Reports by Third-Party Risk Education
6/30/20174 minutes, 15 seconds
Episode Artwork

Security & Confidentiality Provisions Which Should Be Addressed In All Third-Party Agreements

Security & Confidentiality Provisions Which Should Be Addressed In All Third-Party Agreements by Third-Party Risk Education
6/30/20174 minutes, 38 seconds
Episode Artwork

Mitigating Vendor Contract Management Risk

Mitigating Vendor Contract Management Risk by Third-Party Risk Education
6/30/20173 minutes, 2 seconds
Episode Artwork

5 Key Provisions To Look For In Your Critical Vendor Contracts

5 Key Provisions To Look For In Your Critical Vendor Contracts by Third-Party Risk Education
6/30/20174 minutes, 11 seconds
Episode Artwork

Consequences of a Vendor's Poor Financial Performance

Consequences of a Vendor's Poor Financial Performance by Third-Party Risk Education
6/30/20174 minutes, 9 seconds
Episode Artwork

What to do When a Vendor Refuses to Provide Financial Statements

What to do When a Vendor Refuses to Provide Financial Statements by Third-Party Risk Education
6/30/20172 minutes, 33 seconds
Episode Artwork

What's In The News Matters

What's In The News Matters by Third-Party Risk Education
6/30/20173 minutes, 41 seconds
Episode Artwork

Your Vendors and Cloud Computing

Your Vendors and Cloud Computing by Third-Party Risk Education
6/30/20173 minutes, 26 seconds
Episode Artwork

What Can You Do Now To Prepare For 2017

What Can You Do Now To Prepare For 2017 by Third-Party Risk Education
6/30/20173 minutes, 4 seconds
Episode Artwork

Best Practices In Vendor Management

Best Practices In Vendor Management by Third-Party Risk Education
6/30/20173 minutes, 19 seconds
Episode Artwork

Defining Critical Vs Non Critical Vendors

Defining Critical Vs Non Critical Vendors by Third-Party Risk Education
6/30/20171 minute, 52 seconds
Episode Artwork

Critical Vendors - What To Review

Critical Vendors - What To Review by Third-Party Risk Education
6/30/20173 minutes, 35 seconds
Episode Artwork

10 Common Vendor Management Errors

10 Common Vendor Management Errors by Third-Party Risk Education
6/30/20173 minutes, 16 seconds
Episode Artwork

10 Steps To Creating Your Vendor List

10 Steps To Creating Your Vendor List by Third-Party Risk Education
6/30/20173 minutes, 19 seconds
Episode Artwork

Third-Party Due Diligence

Third-Party Due Diligence by Third-Party Risk Education
6/30/20174 minutes, 4 seconds
Episode Artwork

Keeping Your Vendor List and Process Current

Keeping Your Vendor List and Process Current by Third-Party Risk Education
6/30/20172 minutes, 47 seconds
Episode Artwork

Enterprise Risk Management Vs Vendor Management

Enterprise Risk Management Vs Vendor Management by Third-Party Risk Education
6/30/20172 minutes, 22 seconds
Episode Artwork

Vendor Mangement Risk Assessments

Vendor Mangement Risk Assessments by Third-Party Risk Education
6/29/20171 minute, 4 seconds
Episode Artwork

Fundamental Third-Party Risk Management Best Practices

Fundamental Third-Party Risk Management Best Practices by Third-Party Risk Education
6/29/20174 minutes, 37 seconds
Episode Artwork

The Lifecycle Approach To Third-Party Risk Management

The Lifecycle Approach To Third-Party Risk Management by Third-Party Risk Education
6/29/20172 minutes, 45 seconds
Episode Artwork

Why There Is So Much Focus On Third-Party Risk

Why There Is So Much Focus On Third-Party Risk by Third-Party Risk Education
6/29/20172 minutes
Episode Artwork

How to Write a Third-Party Program

How to Write a Third-Party Program by Third-Party Risk Education
6/29/20172 minutes, 31 seconds
Episode Artwork

How to Write a Third-Party Policy

How to Write a Third-Party Policy by Third-Party Risk Education
6/29/20171 minute, 47 seconds
Episode Artwork

Vendor Business Continuity And Disaster Recovery Plans

Vendor Business Continuity And Disaster Recovery Plans by Third-Party Risk Education
6/29/20173 minutes, 43 seconds
Episode Artwork

Importance Of Complementary User Entity Controls

Importance Of Complementary User Entity Controls by Third-Party Risk Education
6/29/20172 minutes, 59 seconds
Episode Artwork

Fourth Parties

Fourth Parties by Third-Party Risk Education
6/29/20171 minute, 24 seconds
Episode Artwork

3 Lines Of Vendor Management Defense

3 Lines Of Vendor Management Defense by Third-Party Risk Education
6/29/20171 minute, 30 seconds
Episode Artwork

Evolution Of Third-Party Risk

Evolution Of Third-Party Risk by Third-Party Risk Education
6/29/20172 minutes, 2 seconds
Episode Artwork

Defining The Scope Of Your Third Party Risk Management Program

Defining The Scope Of Your Third Party Risk Management Program by Third-Party Risk Education
6/29/20171 minute, 47 seconds
Episode Artwork

7 Steps of Vendor Vetting

7 Steps of Vendor Vetting by Third-Party Risk Education
6/29/20174 minutes, 24 seconds