Anyone who is involved in vendor risk management knows the intricacies of the various tasks.  In this podcast, learn tips and common ways you can utilize vendor risk management software to streamline your processes.

In this interview, Venminder's Hilary Jewhurst is joined by Barb Lowman, President at CUNA Strategic Services and Idrees Rafiq Jr, Information Security & Risk Management Consulting, Vice President at Cornerstone Resources to discuss the effects that fintech organizations have on credit unions.

Building a fourth-party vendor inventory can be challenging, but it's crucial to protect your organization from an extensive risk landscape. This podcast explains how to build a fourth-party vendor inventory and tips to keep in mind.

Although a vendor's risk can change over time, risk-based due diligence is a a good strategy that provides consistent results. In this podcast, learn three ways risk-based vendor due diligence can improve your efficiency.

In this thought leadership interview, learn how to implement vendor privacy scores into your third-party risk management practices with Venminder's Hilary Jewhurst and Osano's Rachel Ormiston

The economy has faced many challenges the past few years, from the pandemic, supply chain issues, ongoing global wars, and others. These events present many challenges for organizations and their looking to cut costs. As a result third-party risk management teams are on the chopping block.

In this interview, Andrew discusses how cyber insurance is important for your third-party risk management program, what it generally covers, what it doesn't cover, and more.

In this informative podcast, learn 4 key recommendations to implement in your third-party risk management programs to mitigate and manage vendor risk this upcoming year.

In this podcast, we'll reflect back on what's been happening in the world of third-party risk this year. We've included five takeaways, from AI to the fall of Silicon Valley Bank. Listen now!

Throughout this interview, Tom Rogers defines the characteristics that make up a fourth-party vendor and uncovers the steps to manage them. Listen to this interview to learn about fourth party due diligence, regulations, and best practices.

Learn best practices that should be included in your third-party risk management program to ensure you keep your organization protected from data breaches and other cybersecurity incidents.

Partnering with a large well-known vendor can prove to be beneficial. However, in some instances larger vendors can be more difficult to effectively manage. Learn the essential tips and best practices to mitigate vendor risk with your large vendors.

Throughout this interview, Mike Morris Highlights the SEC Proposed Outsourcing Rule and it's impact on vendor risk management. Listen to learn answers to common questions, tips and suggestions, as well as a general overview of the SEC Proposed Outsourcing Rule.

Regulatory examiners have distinct expectations when it comes to the boards involvement in third-party risk management. Listen to learn the board's place in regulatory exams, and how you can lend a helping hand.

Although your organization may have limited resources for your third-party risk management program, you don't have to fall behind. Even smaller teams can manage the complex and interrelated processes involved in TPRM by using software.

Collaboration with vendor owners involves a lot of day-to-day activities, spanning across the three stages of the third-party risk management lifecycle. This podcast outlines useful tips that can improve collaboration between your third-party risk management team and your vendor owner.

No matter the vendor, there may be issues that arise at any point in the vendor relationship. In this podcast, learn examples of third-party risk management issues you may encounter.

Effective third-party risk management can help your organization mitigate supply chain risk. Natural disasters and cyberattacks are just two examples of business disrupting events. This podcast outlines four examples of TPRM can help you mitigate supply chain risk.

In today's business climate vendor financial health monitoring is important. There are several factors to consider when reviewing vendor financial health including, inflation, political instability, and more.

After conducting our State of Third-Party Risk Management Survey in November of last year, we've analyzed the results and found six highlights that you should pay close attention to this upcoming year.

Even in today's increasingly remote working environment, you need to perform on-site vendor visits. In this podcast, we'll highlight 6 reasons on-site vendor visits are a valuable part of your due diligence practice.

For many, 2022 was a challenging year. From supply chain disruptions to regulatory updates, and the threat of malicious actors. In this podcast, learn six TPRM best practices to bring into 2023.

TPRM involves many activities that can take up a lot of your team's times and resources. In this podcast, learn 5 advantages of outsourcing your third-party risk management tasks.

Protecting your customers' sensitive information is important. It's important to understand the weaknesses and risks associated with your vendors.  In this podcast, learn how to safeguard your organization from third-party cyber risk.

When dealing with your critical vendors, it's necessary to ensure that all parties know what is expected of them and what the dealbreakers are in the relationship. Learn 4 best practices of critical vendor contract management in this podcast.

Keeping the patient proactive care model in mind when considering third-party risk management is important. This podcast highlights 4 steps to take in creating a TPRM program for a health organization.

Although there is still limited legislation on mandatory ESG disclosures, regulators are continuing to address issues like climate change and modern slavery. This podcast highlights three ways you can help your vendor prepare for ESG disclosures.

Having an exit strategy in case your vendor relationship must come to an end is crucial. When faced with offboarding a vendor, you'll want to avoid any surprises. Learn 4 exit strategies in this informational podcast.

Vendor financial health includes many factors that your organization should be cognizant of and reviewing accordingly. This podcast highlights three mistakes to avoid and ensure there is comparability and consistency across your vendor financial reviews.

There is a beginning and end to every third-party relationship. In this informative podcast, you’re going to learn the stages of the third-party risk management lifecycle and a little about each one.

Mitigating vendor risk is an important component of your third-party risk management program to ensure that your overall business operations can continue on. This podcast highlights what you need to do to mitigate vendor risk.

Venminder's State of Third-Party Risk Management survey highlighted the top 4 trends for TPRM in 2022. Listen to this podcast to learn what they are.

2022 is sure to be full of uncertainties and challenges for vendor management. Listen to this podcast that highlights 3 best practices to follow this year.

This podcast highlights three main third-party risk management lessons in 2021. Listen on to learn how your organization can use these lessons to prepare for 2022.

Tune in to our latest podcast to learn four tips to build a successful third-party risk management program. What to include, who's involved and more.

In this podcast you will learn the four things to review in a third-party incident response plan and understand how your vendor will respond to an incident when it happens.

Throughout this interview Michael highlights the importance of third-party risk management, the challenges his firm faced when implementing a TPRM program and best practices for board and senior leadership involvement in third-party risk management.

Listen to this podcast to get an understanding of what a vendor confidentiality agreement is and why it's important in third-party risk management strategy

Tune in to this podcast where we explain how to get from inherent vendor risk to residual risk. Learn how to calculate these risks with a quick example.

Listen in on this podcast that describes the various types of vendor business continuity and disaster recover testing. Learn the common tests that take place and what you should look for in your results.

Listen to this 90 second podcast to learn the best practices for overseeing international vendors. Ensure you are doing your due diligence when vetting, understanding their financial documentation and obtaining references.

Listen to this podcast to understand the basics of vendor compliance risk, understand the faults of these risks and how to protect your organization.

Understanding third-party risk management can be complex, but it doesn't have to be. Listen to this podcast to understand what third-party risk management is and how it is a valuable asset to your organization.

Learn about acceptable documents to request from your privately held vendors, how to assess their risk, and understand their financial state.

Understanding the key roles involved in third-party risk management is important to you and your organization. Learn their responsibilities and how they fit into your third-party risk management program.

There are vendor management best practices you should be aware of to help avoid being deceived by a vendor. Listen to this podcast to quickly learn three tips to help you with the process.

Spring is around the corner and it’s the perfect time to dust off your vendor management program and clean up your processes. This podcast covers some tips that you need to know when improving your approach to third-party risk management

Due diligence is a critical step in the vendor lifecycle, and when done properly, can set your organization up for success. Find out how to get started with the process by listening to this week’s podcast that covers fast facts you need to know.

No one wants to go into a vendor relationship planning for it’s demise – but it happens! If you have a vendor that is no longer meeting your organization’s needs, make sure you listen to this week’s 90-second podcast to hear about how you can successfully offboard one of your vendors.

It’s a common misconception that a vendor questionnaire and vendor assessment are the same thing – but they actually have key differences that it’s important you understand. Listen to this podcast to hear more about the differences between questionnaires and assessments and why your organization needs both.

Ongoing vendor due diligence, or ongoing monitoring is one of the most important steps in the vendor lifecycle. Find out what you need to know about the process and the key points of ongoing vendor due diligence that you should be aware of in this 90-second podcast.

Creating and keeping your procedures documentation updated is a key step to achieving vendor management success. Listen to this week's 90-second podcast to help you accomplish this with five creation tips.

Are you selecting a core processing vendor? There are some things that you need to make sure you're considering. Listen to this 90-second podcast to learn about the factors you need to keep top of mind.

New to third-party risk management? Get back to the basics with a breakdown of what vendor management is and some important tips to help get you started with this 90-second podcast.

2020 was certainly an interesting year and had major industry updates because of the pandemic. Find out what important lessons you need to be aware of going into the new year so you can be more successful in vendor management.

The end of the year is upon us and there are certain vendor management tasks that must be completed. This 90-second podcast covers a few of the items that you should tackle before the end of the year to be better prepared for 2021.

In the spirit of Thanksgiving, we want to help you figure out the best way to gather vendor management resources. Listen to this 90-second podcast that covers some of our useful tips to help you stay on top of new third-party risk management news and resources.

Vendor risk management is a necessary investment and it can have a significant ROI for your organization. Listen to this week’s podcast for the top three benefits and ROI you can achieve by investing in third-party risk management.

You need to be thoroughly analyzing your vendor’s SOC reports to ensure there is no missing or overlooked information that could negatively impact your organization. Find out what the three scariest consequences that can occur if you have a missing item on your vendor SOC report by listening to this week’s podcast.

If one of your vendors falls victim to a data breach, it can have a range of serious consequences for you organization. You can take proactive steps that will help you better protect your customers and reputation from a third-party data breach. Listen to this 90-second podcast for our top five tips.

Having a strong information security policy is more important than ever with rising cybersecurity risks. Listen to this week’s 90-secnod podcast to understand why you need to evaluate your vendor’s information security procedures and three best practices we recommend for the process.

In this week’s 90-second podcast, learn the top four expert tips that will help to help fintech organizations more successfully meet their client and regulator expectations.

You can take specific steps that will help you maximize even the smallest budget for vendor management. Listen to this week’s podcast for the top three tips we recommend to help you make the most of your organization’s budget.

If you have well-developed vendor contracts, then you are setting your organization up for success when it comes to vendor oversight. Find out the top three reasons why your vendor contracts directly affect your level of oversight.

Chris Caputo, External Audit Coordinator at CMG Financial, shares his thoughts on commonly seen vendor management struggles and how to overcome them. He also dives into the recent industry changes due to the pandemic, what to expect from a regulatory compliance perspective and discusses vendor risk management best practices from an auditor’s perspective.

To be successful in vendor contract management you have to be effective in your negotiation efforts. To help you better manage this stage in the vendor contract process, listen to this week’s 90-second podcast for the top tips our experts recommend.

Once you receive a vendor contract, there are specific steps that you should take for a more successful process. This 90-second podcast covers the 5 most important steps our experts recommend you're following.

The process of conducting vendor management exams has changed drastically during the pandemic. Whether your exam is conducted in-person or remotely, this podcast covers the 5 most important items you should always have prepared.

Jenn Wilkinson, Vice President of Strategic Vendor Management at Cenlar FSB, shares her thoughts on how organizations are currently managing third-party risk and dives deeper into the process of building a vendor management program from the ground up. She also discusses why your program should be tailored to the specific needs of your organization, the importance of having a strong vendor management team and how the recent pandemic has brought third-party risk management challenges for the industry.

By not being aware of the hazards of incomplete vendor due diligence, you could be putting your organization at risk. Listen to this 90-second podcast for the most important hazards to know.

Asking the right questions in your vendor information security assessment questionnaires can prevent future headaches down the road. Listen to this week’s podcast to find out three important questions we recommend you include in your questionnaire.

Understand the basics of business continuity management with this 90-second podcast that breaks down what you need to know about the process.

There are important requests you need to include in all of your vendor contract negotiations. These 5 will help set your organization up for success. Find out what they are by listening to this podcast.

Listen this roundtable discussion to hear from three third-party risk management experts as they share their thoughts on handling problem vendors who won't play nice in the sandbox.

With so many different components and responsibilities involved in third-party risk management, organizations may not have the internal capabilities to properly manage every step of the process. Listen to this podcast to learn how to determine if your organization could benefit from outsourcing vendor management support.

You should be proactively taking steps to mitigate risks posed by potentially vulnerable vendors. This podcast covers seven steps you can take to ensure your organization is safe against vulnerable vendors.

There are three key components of information security that you should monitor when analyzing your vendor’s information security strength. These components are known as the CIA Triad and the foundation for strong vendor cybersecurity posture. Listen to this 90-second podcast to understand the CIA Triad.

Monitoring your vendors and their financial performance is more important than ever with the current pandemic. Protect your organization by looking out for the 10 signs covered in this 90-second podcast that will indicate your vendor's financial performance is declining.

The recent pandemic is an important reminder that no organization is immune to business impacting events. To be better prepared for future situations similar to COVID-19, use these 5 takeways for third-party risk management.

There are specific third-party risk management regulatory requirements for banking and fintech organizations. Listen to this week's 90-second podcast to learn what you need to know about the FDIC guide for vendor risk management.

Each step in the vendor management lifecycle a unique process and recommended best practices. However there are 3 requirements that you should maintain throughout the entire cycle. Listen to this week's 90-second podcast to learn what they are.

While preparing for a vendor management exam is a crucial step in the process, how you follow-up after the exam is equally as important. Listen to this week’s 90-second podcast that will cover the 5 next steps you should be taking after a vendor management exam concludes.

Ongoing oversight of your vendors is a key component of successfully managing third-party risk. By periodically conducting due diligence you will be able to ensure your vendors are still meeting your organization’s needs. This 90-second podcast covers 4 tips that will help get you started.

There are 7 fundamental elements of a strong vendor management. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third-party risk program.

Does your organization understand your vendor’s financial viability and performance? If not, it’s important that you start. Here are 4 reasons why your vendor’s financial performance is crucial for your organization to report on.

Proper vendor risk management is important to meet regulatory guidelines and is a critical component to your organizations’ overall success. Listen to this podcast for 4 steps you need take in order to make third-party risk a key priority in your organization.

Do you need help getting started determining what your vendor risk appetite is? This podcast breaks down the common questions you may have when it comes to determining what your organization’s risk appetite is.

Your vendor management program should be specific and unique to your organization’s needs. To help you be more successful, listen to the 6 best practices covered in this podcast for creating a solid third-party risk program.

Initial due diligence is important for a few important reasons. Listen to this week’s podcast to break down what initial due diligence is, and why your organization should incorporate it into your vendor management program.

Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.

Vendor management, enterprise risk management, vendor risk management and third party risk management each have a different meaning. Each concept brings varying components to an organization’s overall structure. Listen to this podcast to dive deeper into each concept.

When your vendor is repeatedly failing to meet the SLA requirements outlined in your contract it can have negative consequences on your organization. Use the 5 steps covered in this podcast to help you navigate how to manage vendor SLA failures.

If your vendor is no longer meeting your organization’s needs, it may be time to start searching for a new vendor. Listen to this week’s 90-second podcast for 7 steps you should be taking if you think it’s time for a new vendor in 2020.

Now that the year is coming to an end, it’s a good time to reflect on the big events that happened with third party risk management in 2019. Use the lessons and guidance learned this year to help your organization be more successful with vendor management in 2020.

Managing vendor due diligence properly requires periodic updates to your process to ensure your organization is being as thorough and efficient as possible. Listen to this 90-second podcast to hear our expert tips for improving your vendor due diligence strategy.

One of the most crucial aspects of vendor management is performing a third party risk assessment. To help you get with this important part of the process, listen to this 90-second podcast that covers 5 best practices for conducting vendor risk assessments.

Vendor management is constantly evolving and it’s important to keep your program as up to date as possible. Whether you’re creating your policy for the first time, or revisiting it, make sure you check out these 8 best practices to help get you started.

Customer complaints are a fact of life in the world we live in today. This is why you need to also monitor your vendor's complaints as a critical part of third party risk management. Listen to this week's 90-second podcast for more information.

There are many benefits of vendor risk management. Understand why vendor risk is important and how to use these steps in your organization by listening to this 90-second podcast.

Budget season is upon us! Prepare yourself and your organization by planning ahead now for third party risk. Listen to this 90-second podcast to hear 5 tips for budget planning for vendor risk management.

You need to protect your organization by reviewing your vendor’s cybersecurity posture to know if they are a weak link when it comes to protecting important data. Gain a better understanding of what specific items you need to look for in your vendor’s cybersecurity plan with this 90-second podcast.

You can respond, prevent and detect third party cybersecurity issues with proper vendor management processes in place. Listen to this 90-second podcast for 6 steps to take to manage third party cybersecurity risk.

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.

Glen Trudel, Banking and Corporate Attorney at Ballard Spahr, shares his perspective on regulatory compliances and his thoughts on the OCC’s Fintech charter. He also discusses general challenges organizations are facing when it comes to third party risk management and covers best practices to overcome those hurdles.

Proper vendor management requires you to periodically go update and improve elements of your program. To help, listen to this 90-second podcast to hear specific steps you can start taking today to improve your third party risk program.

One of the most important steps in the vendor due diligence process is reviewing your vendor’s SOC report. Once you receive a SOC report from your vendor there are certain steps you can take to make the process more efficient. Listen to this week’s podcast to find out 7 steps to take once you receive a vendor SOC report.

The constant shift can lead to occasional problems in third party risk management. If you take the time to manage the process correctly and implement specific procedures it could help you avoid costly errors down the line. Listen to this week’s podcast to find out more about how to prevent third party risk problems.

Prepping for an audit can be a stressful, especially if you are scrambling last minute to finish up vendor management tasks. However, you can help organize your team before you receive an exam or audit notice. In this 90 second podcast you’re going to learn 9 steps to help you prepare in advanced.

Jo Ann Barefoot, CEO at Barefoot Innovation group and Cofounder at Hummingbird Regtech, shares her thought provoking insight on how organizations are handling third party risk management in this industry interview. Using her extensive experience in the industry, Jo Ann shares best practices for dealing with regtech vendors – including tips for the vetting process and cybersecurity management.

Keeping your third party risk management efforts independent from other business processes is critical. In this 90-second podcast, we cover the 3 most important reasons why you need to keep third party risk workflows separate.

This Thought Leadership Interview features Michael Donnella, Corporate Compliance Officer of Murphy Oil Corporation. Michael shares his unique perspective on corporate compliance, and why having a culture of compliance in third party risk management is crucial for organizations. He also shares his thoughts on the current state of third party risk in the industry and challenges organizations face.

Regulatory risk is used to determine the vendor risk rating. Listen to this 90-second podcast to learn about how you can determine a vendor's regulatory risk.

With 2019 well underway, we decided to put together some tips to help you stay proactive in vendor management. Listen to this 90-second podcast to get a quick refresher on third party risk best practices.

This Thought Leadership Interview features Lori Frank, President and CEO of Argos Risk. During this thought-provoking interview, Lori covers current third party risk management challenges and shifts in ongoing monitoring trends that organizations are facing today. Lori also discusses in-depth best practices for third party risk and complaint management you can use to protect your organization.

Your customers will complain at times. How your organization manages and responds to complaints has become critical. It also will help spot issues with vendors. Here are some tips to help you develop an effective complaint management system.

Fourth party risk is an important step in the vendor management process. In your contract with every one of your third party vendors you should include how you want your third party to handle communicating with you about a fourth party vendor. Here are some fourth party risk management steps you should take to better protect your organization.

Thoroughly evaluating a vendor’s performance is more than just about the numbers. It can help you discover weak financials which can indicate numerous risk factors. Here are 5 steps to measuring your vendor's financial health.

Vendor contract management is the administration of written agreements with third parties that provide your organization with products or services. The process includes contract negotiation, creation, execution and analysis. In this 90 second podcast you’re going to learn what vendor contract management is and some best practices that we recommend.

This Thought Leadership Interview features Jennie Fowler, Vendor Management Officer with American Credit Acceptance. Throughout the interview, Jennie shares how financial institutions are doing in Third Party Risk Management and the current struggles that company’s are facing today. Jennie shares her experience and recommendations to help obtain buy in and support from the C-suite when it comes to vendor management.

Sometimes a vendor may not pose enough risk to an organization to make it needed to actively monitor; therefore, some organizations choose to write certain third parties out of scope. In this 90-second podcast, we will cover the steps you need to take to determine the vendors that need to be included in your vendor oversight and how to best assess risk.

This interview focuses on the unique perspective of Nicole DeSantis at Rabobank. Nicole discusses the three lines of defense model discussion and why this discipline should be implemented at your organization. She also talks about how there should be a well-developed vendor management structure at all organizations regardless of the size. And, as a GDPR expert, Nicole shares her thoughts on future GDPR implications on U.S. corporations.

Maintaining strong vendor management relationships will help lead to a successful partnership for your organization. In today’s podcast, we’ll cover 8 important tips to maintain good vendor relationships in 90 seconds.

Since becoming one of the primary points of focus for the Consumer Financial Protection Bureau (CFPB), UDAAP has presented some concern to third party risk professionals. In this podcast we cover procedures and best practices to effectively manage UDAAP and your third parties.

With the increase in regulations and vendor oversight requirements, managing your vendors with a spreadsheet will prove to be very inefficient. Here are 7 reasons why spreadsheets will not cut it anymore, especially in 2019.

In today's podcast we’re going to discuss 4 important vendor risk management frequently asked questions for beginners. What vendor risk management is, why it’s important, who is involved and how vendor risk management is completed.

Creating a vendor risk assessment template, commonly known as a VRA questionnaire can be quite the daunting task. In today’s podcast, we will cover 5 tips and recommendations to help you build a solid foundation for your vendor risk assessment template.

This interview focuses on the role of vendor management in financial intuitions from a legal and regulatory perspective. Spencer Knibbe answers key questions about the specific pain points organizations are currently experiencing for third party risk management, which includes data aggregation, organizational consistency, reporting and cybersecurity.

For vendor management, there are three unique sets of documents that you're going to want to create and update. The first document you should focus on is writing a third party risk management policy. In today's podcast, we're going to cover steps that will assist you in getting starting writing an effective risk management policy.

There are 6 fundamental elements of a strong vendor management policy. In this podcast we are going to dive a little deeper into what each pillar means and some ways to incorporate these pillars into your third party risk policy.

Are you looking to expand your vendor management team in 2019? During today’s podcast we will discuss our top 5 recommendations to keep in mind while recruiting potential vendor management team candidates.

Vendor risk management is a complex job. It typically takes an individual who is meticulous in detail, thorough and patient to perform the job well. In today’s podcast, we’ll touch on some key attributes we’ve found in good vendor managers that should be continued in the new year.

Since we’re nearing the end of the year, it’s a good time to reflect on 2018 and some of the vendor risk management best practices we’ve found to be very helpful. Let’s cover 7 of the 2018 best practices that should continue to be performed in the new year. They range from engaging the first line of defense through continuing education.

This interview covers qualifications that are needed on a third party risk management team, why cybersecurity risk is something that you can never really defeat and the importance of your response plan, how you can outsource the activity but you can’t outsource the risk - third party risk management burdens will continue to only get more complex and thought provoking conundrum about the introduction of decentralized technology, like a blockchain, and still accounting for third party risk.

As we wrap up 2018, it’s a good time to reflect on the year and some of the reasons we’re thankful for a well-developed vendor management program. Listen to this podcast to learn 10 reasons to be thankful for vendor management.

Listen to this interview with Brian Tate, President and CEO at Network Branded Prepaid Card Association (NBPCA) where he covers both a legal and industry perspective on third party risk, understanding the impact of fraud in third party risk management, how properly investing in third party risk management protects you and your organization, discussion regarding increased oversight at the state level and a post Dodd-Frank Act lesson - senior management and the board must be involved.

As you wrap up 2018, it’s a good idea to think about your process for reporting to the board. Whether it’s your regularly scheduled, perhaps quarterly meeting, or whether it’s your summation of all activities for an annual board report, third party risk management needs to be a part of the board’s regular activities. Listen to today’s podcast where we’re going to touch on our recommendations to best prepare for periodic vendor updates to the board.

After an examiner pays you a visit and the report and recommendations are complete, it’s important to not only review the findings and recommendations but to also take follow-up action internally. Listen to this podcast where we discuss the five best practices you should be doing as a follow up to your exam.

BCP stands for business continuity planning. Business continuity is what you do to ensure that key operations, products and services continue to be delivered either in full OR at a predetermined, and accepted, level of availability. Today, most people would have this outlined as part of a service level agreement (or SLA). When you think of business continuity and your vendor, it covers things like what would they do in the event of a loss of personnel, if their facilities or services were down; what their planning with public entities such as emergency services is like, and communications with their own identified key vendors, their clients like you, employees and the media. Listen to this podcast where we discuss the basics of a BCP Report.

Listen as we discuss seven vendor risk management expectations for 2019, what to focus on and tips for each. Topics include cybersecurity, increasing regulatory requirements, compliance concerns, the OCC fintech charter, changes in political landscape, GDPR and responding to change in general.

Listen to our exclusive interview with Ashley Kelley, VP of ERM at Atlanta Postal Credit Union, as part of our Thought Leadership Series where we talk with many of the industry's sought-after leaders to discuss third party risk management. Listen to this interview with Ashley Kelley for discussions on: A credit union expert's perspective on third party risk management overall Centralizing third party risk management - why it can be a struggle but is very needed Insight from the VP for the International Association of Financial Crimes Investigators (IAFCI) on cybersecurity expectations and concerns

A well-developed policy, program and procedure documents are all crucial to the success of an organization’s third party risk management department. Listen for some quick tips to help you develop, or revamp, your third party policy, program and procedures.

SOC reports differ based on what they cover, how the auditor performs the assessment and level of detail. This way, the vendor can avoid each client performing their own audit of the vendor’s system. Listen now to learn the differences between a SOC 1 and SOC 2 report and Type 1 and Type 2.

If done right, third party risk management is a strategic advantage. It’s an expense but also the best way to defend your company when risk is posed. In this podcast, we'll go through 10 reasons to consider your third party risk management department/program when budgeting for the upcoming year.

This interview covers an auditor's perspective on how organizations are addressing third party risk management, best practices for managing risk, addressing today's cybersecurity threats and risks, top areas of concern for a SOC audit report, the importance of your subservice vendors (aka your vendor's vendor or fourth party), pre-contract considerations, vendor oversight and how vendor risk management training at the board level helps.

When budgeting for the upcoming year, its a best practice to consider the costs associated with negotiating key contract terms and pricing. Listen as Venminder CFO, Mike Campbell, covers 5 vendor contract considerations for your 2019 budget.

Learn how FFIEC’s Appendix J relates to your vendor risk management program, four key elements of business continuity planning that you should address when contracting with a third party service provider and our recommendations to best incorporate Appendix J into your vendor risk management program.

As a fintech provider, your third party risk management process will become well-developed and more organized by following these 5 best practices. In turn, your clients will feel much more at ease when selecting you as their preferred vendor of choice to continue doing business with. It’s a win for both parties. Listen now.

We know that vendor vetting and ongoing monitoring are both important stages of the vendor lifecycle and due diligence process, however, why exactly is due diligence so important for vendor risk management? Listen to learn the top 5 reasons.

We all hope to never experience a breach at our organization, but if it does happen, do you know what to do? You can minimize the chance of it happening again by using those mistakes to improve your third party risk management program. Listen to Third Party Thursday now for 4 best practices.

Balance is incredibly important, especially in this industry. Listen to this podcast to learn 6 tips to balance your Third Party Risk Management tasks.

Listen to this interview where Amy Hanna Keeney, Attorney with Adams and Reese LLP, talks about Vendor Risk.

Learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices.

You've completed the 6 steps and best practices for a mid-year third party risk management progress check, so now what? Listen to our vendor risk management podcast to learn the next steps to take, how to document the findings and improving upon the process. Tune in to Third Party Thursday now.

Join Venminder's interview with Loraine DeBonis at Ubiquity Compliance Solutions for key takeaways from a panelist at the NBPCA’s Power of Prepaid conference perspective, challenges banks & prepaid program managers are facing regarding the Fed’s Regulation E, improving risk management and more.

Listen to this vendor management podcast to learn how to perform a check on your third party risk management program to determine the progress you've made. It is essential for the future success of your program to run through these 6 steps and best practices. Tune in to Third Party Thursday now.

Join Venminder's interview with Ed DeMarco, General Counsel and Director of Operational Risk & Regulatory Relations/Communications at the Risk Management Association (RMA), for information on vendor risk management challenges & best practices, cyber, vendor oversight, regulatory compliance & more.

Business Continuity Planning (BCP) is important to you and your vendors. Listen to this podcast as we talk about the fundamentals and guide you through creating or reviewing BCPs - the appropriate regulatory guidance to follow, what to plan for, what to restore first and how to recover.

Don’t panic about the notification of a third party risk exam - we can help you prepare for the examiner's arrival. 3-4 months in advance of the examiners’ arrival, you should prepare or fine-tune the 9 following documentation items. Listen to this vendor risk management podcast to learn more.

Join Venminder's interview with Jim Hussey, Founder of IT-TPRM.com, for a discussion on vendor risk management challenges, why you should place heavier focus on technology or fintech risk, how to engage the first line of defense, advice on meeting OCC lifecycle expectations, best practices and more.

What is a SOC report? A SOC report is an independent audit report performed by a public accounting firm and attests to the existence and effectiveness of the controls put in place to safeguard your data. Listen to this podcast as we break down 6 of the most important parts of your vendor's SOC report.

Listen to this week's Third Party Thursday Podcast to learn about the lines of defense, specifically the first line, as it relates to vendor risk management.

Listen to this interview with Andrew Lorentz, Partner at Davis Wright Tremaine LLP to hear his perspective on Third Party Risk Management.

Fourth party risk and liability is often overlooked because there isn't direct relationship with the fourth party vendor. It’s important to always know your vendor and this waterfalls down to fourth and third parties. Listen now for the 3 oversight steps to take regarding your fourth party vendors.

There are three vendor management models that we typically see: centralized, decentralized and a hybrid approach. These allow the vendor risk manager to set standards while allowing for communication through the relationship manager and on to the vendor. Listen to this Third Party Thursday where we'll cover the differences between the three and determine which is best for you.

When determining your level of oversight on a vendor, you’ll clearly want to determine their criticality and risk level first. This is an essential and ongoing process for mitigating vendor risk. Listen to this podcast to help guide you through the process.

This interview covers biggest third party risk struggles financial institutions are facing, how to handle ongoing vendor risk management, addressing cybersecurity, board demonstrating their involvement, industry expectations and more.

While the General Data Protection Regulation, aka GDPR, is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25, 2018. Listen to Third Party Thursday to learn what you need to know about GDPR and third party risk in order to be prepared and stay in compliance.

Often times, people get confused between Enterprise Risk Management (ERM) and Third Party Risk Management (TPRM). In the past, we've covered the technical differences between ERM and third party risk management. Today, Third Party Thursday covers steps and tips on how to properly integrate Third Party Risk Management in your Enterprise Risk Management Program.

Listen to this interview to hear James Russell, CPA at Russell Bank Consulting as he provide insight into third party risk management from his perspective as an auditor. You will discussions on: * Third party management changes over the last decade * Common third party risk management issues during examination * A real life example of a third party risk management relationship that went downhill

While the General Data Protection Regulation, aka, GDPR is a European regulation, it has a global impact on any company which is collecting, storing or accessing European resident private data. The effective date of this regulation begins May 25th, 2018. Listen to this Third Party Thursday podcast to learn what you need to know about GDPR in order to be prepared and stay in compliance.

Join us for today's Third Party Thursday podcast. It covers the difference between ERM and TPRM, and why you should be paying extra attention to third party risk management inside of your enterprise risk management.

Branan Cooper, Venminder's Chief Risk Officer will walk you through several factors to consider when determining how much staff is needed to do third party risk management well.

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper will focus on the contracts themselves and some common pitfalls as well as a few ideas of how to avoid them.

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper interviews Elizabeth Khalil, Partner at Dykema Gossett PLLC on her thoughts on Third Party Risk Management.

Listen to this podcast where Venminder's Chief Risk Officer, Branan Cooper chats with Marilyn Bochicchio, Founder of Hidden Brain on her thoughts on third party risk management.

Join us to learn tips on how you can help foster a third party risk management mindset within your team and organization.

Listen to this week's podcast as it covers 9 key components to implement into your own third party risk management program.

Consumer complaints are an expense of being in business, but also a chance to respond and turn it around to a more positive interaction and fix vendor management issues. Learn how in Third Party Thursday.

Daily vendor management regulatory compliance efforts you can implement in order to keep up with third party risk regulatory reform.

This interview covers cost benefit analysis of compliance, regulations that effected and are currently effecting the lending industry, outsourcing risk management functions, third party risk strategy, advice from the MBA perspective on consumer data breaches, data security, cybersecurity, lessons learned from the housing crisis and the CFPB relation to regulatory compliance.

Listen as we take a deep dive into the application of third party risk in the world of appraisal management. Two experienced mortgage professionals talk about how to stay in compliance, how outsourced vendor management solutions help, best practices for selecting and managing appraisers, what types of due diligence you need to do for Appraisal Management Companies (AMCs), Dodd Frank, regulatory compliance challenges and differences between internal appraisal management and outsourcing to an AMC solution provider.

Learn all about outsourcing third party risk functions in this in-depth podcast. Two seasoned mortgage lending industry experts provide an inside look into the benefits and risks associated with offshoring and outsourcing solutions and services, the difference in attitudes between early adopters of outsourcing to provide strategic advantages, the hurdles late adopters have regarding data security and a mindset of a loss of control, best practices and how outsourcing (if managed correctly) can provide greater efficiencies, reduce your workload and help with cost management.

What you need to know about Unfair Deceptive or Abusive Acts and Practices) and how they effect your third party risk management program.

How to determine which due diligence questions to ask and what standard should firmly be expected of your Fintech vendors.

Listen as we wrap up the 2017 Third Party Thursday Series with one final podcast for the year and we want to thank you!

If you don't stay up to date on new regulations, you'll find yourself out of compliance and perhaps out of business. Listen to our podcast for several reason why you need to stay up-to-date on vendor management regulatory guidance.

Learn about 'bucketing' your vendors and how this classification system can help you with third party oversight and ongoing monitoring.

A well run compliant management system can take an upset customer and turn them into your best customer. Listen to learn what to include in your compliant policy and compliant management system.

It covers what should be in your examination preparation handbook - from the best strategy to tips on how to stay ready, we've got you covered!

Learn how to properly identify your critical third party vendors.

Learn the key takeaways from important third party risk regulatory guidance released by the OCC, FDIC, and FFIEC.

Maybe you're brand new to third party risk management, or maybe you've been doing it since the time it was known as generally a quality assurance function and nothing else. Either way, listen to learn how keeping abreast of best practices and staying informed on the regulatory environment are great ideas for everyone involved.

Learn how being proactive can ultimately prevent problems in third party risk management. Our expert gives three examples of how you can be proactive.

What do you do when you find out one of your third parties is named in an enforcement action, even if unrelated to your institution? Listen to this podcast for six tips from a third party risk expert.

It covers creating a culture of compliance to have successful vendor management. We'll discuss what that means and how to get it.

We'll cover why it's necessary to risk rate EVERY vendor when conducting your vendor risk assessments. And, we'll give a couple quick tips in doing so.

Learn which third party activities your board should be involved in according to regulators, and what information is essential in a board report.

Learn from our Chief Risk Officer about Unfair, Deceptive, Abusive Acts and Practices, the role of the CFPB and enforcement actions in the world of third party risk.

Brand Names and Vendor Due Diligence by Third-Party Risk Education

Listen to this podcast to learn key takeaways from two OCC bulletins issued this year on third party risk management, OCC Bulletins 2017-7 and 2017-21.

Learn the basics of the third party risk management framework including how it relates to enterprise risk management (ERM).

Listen to this podcast to learn about vendor contract management from our experts, the importance of contracts to your institution and what steps you should take to protect your institution.

FFIEC Appendix J and E by Third-Party Risk Education

Learn the 7 key things you should do with every new vendor. These steps are essential to the vendor vetting process and determining how much you know about the company with whom are you planning to do business.

Analyzing SOC Controls by Third-Party Risk Education

CIA Triad Within Vendor Management by Third-Party Risk Education

How, When & Why To Use a Vendor Information Security Questionnaire by Third-Party Risk Education

What Is SSAE 18? by Third-Party Risk Education

Understanding Vendor SOC Scope, Time And Narrative by Third-Party Risk Education

5 Types Of Vendor SOC Reports by Third-Party Risk Education

FFIEC's Cybersecurity Assessment Tool by Third-Party Risk Education

3 Key Points To Review In Service Organization Controls (SOC) Reports by Third-Party Risk Education

Security & Confidentiality Provisions Which Should Be Addressed In All Third-Party Agreements by Third-Party Risk Education

Mitigating Vendor Contract Management Risk by Third-Party Risk Education

5 Key Provisions To Look For In Your Critical Vendor Contracts by Third-Party Risk Education

Consequences of a Vendor's Poor Financial Performance by Third-Party Risk Education

What to do When a Vendor Refuses to Provide Financial Statements by Third-Party Risk Education

What's In The News Matters by Third-Party Risk Education

Your Vendors and Cloud Computing by Third-Party Risk Education

What Can You Do Now To Prepare For 2017 by Third-Party Risk Education

Best Practices In Vendor Management by Third-Party Risk Education

Defining Critical Vs Non Critical Vendors by Third-Party Risk Education

Critical Vendors - What To Review by Third-Party Risk Education

10 Common Vendor Management Errors by Third-Party Risk Education

10 Steps To Creating Your Vendor List by Third-Party Risk Education

Third-Party Due Diligence by Third-Party Risk Education

Keeping Your Vendor List and Process Current by Third-Party Risk Education

Enterprise Risk Management Vs Vendor Management by Third-Party Risk Education

Vendor Mangement Risk Assessments by Third-Party Risk Education

Fundamental Third-Party Risk Management Best Practices by Third-Party Risk Education

The Lifecycle Approach To Third-Party Risk Management by Third-Party Risk Education

Why There Is So Much Focus On Third-Party Risk by Third-Party Risk Education

How to Write a Third-Party Program by Third-Party Risk Education

How to Write a Third-Party Policy by Third-Party Risk Education

Vendor Business Continuity And Disaster Recovery Plans by Third-Party Risk Education

Importance Of Complementary User Entity Controls by Third-Party Risk Education

Fourth Parties by Third-Party Risk Education

3 Lines Of Vendor Management Defense by Third-Party Risk Education

Evolution Of Third-Party Risk by Third-Party Risk Education

Defining The Scope Of Your Third Party Risk Management Program by Third-Party Risk Education

7 Steps of Vendor Vetting by Third-Party Risk Education