A clear and bold header

Outsource Your Third-Party Risk Audit | VendorInsight®

Posted by Rachel McKenzie on Aug 2, 2019 11:18:45 AM

Why You Should Outsource

In today’s highly regulated environment, banks and financial institutions are held to increasingly strict standards when it comes to vendors. Not only are you liable for third-party business activities, but you are held responsible for their third-party vendors, as well.

Relying on a strong working relationship with third-party vendors isn’t enough. To protect your customers and company, you need to understand and assess risks related to your vendors.

Read More

Topics: Third-Party Risk Audits

Best Practices: Retrieving Data from Vendors | VendorInsight®

Posted by Rachel McKenzie on Jul 17, 2019 11:38:37 AM

Best Practices for Retrieving Data from Vendors After a Contract Termination

There are many reasons why a relationship with a third-party vendor could be terminated. In these circumstances, your vendor-stored data could be vulnerable.

The service requirements of the business often need to continue, but the risk is that data could be accessed by unauthorized users after contract termination. Another fear is that vendors may improperly dispose of documents that contain a customer’s confidential information, leaving that data at risk of being located and stolen.

Read More

Topics: Data Retrieval, Best Practices

VendorInsight®’s Approach to Healthcare VRM | VendorInsight®

Posted by Rachel McKenzie on Jul 1, 2019 2:54:31 PM

The Evolution of Healthcare Management

Risk management is drastically different today than it was 40-50 years ago. Back then, risk managers were mostly focused on clinical issues and minimizing damages due to the abundance of medical malpractice suits and professional liability claims.

Read More

Topics: Healthcare

Putting Trust in Third-Party Vendors | VendorInsight®

Posted by Rachel McKenzie on Jun 17, 2019 12:06:05 PM

How Much Should You Trust Your Third-Party Vendors?

eSentire recently conducted an online survey of 600 information technology and security decision makers across the globe. These leaders have purchase influence over security solutions and familiarity with third-party risk. While the survey intended to quantify market concerns about third-party risk, determine top challenges and identify potential areas of vulnerability, there was an unexpected takeaway.

Read More

Topics: Vendor Monitoring

Red Flags within Your Vendor’s BCP | VendorInsight®

Posted by Rachel McKenzie on Jun 3, 2019 11:14:38 AM

Red Flags within Your Vendor’s Business Continuity Plan

Significant events, including natural disasters and massive cybersecurity breaches, will not only impact your vendor’s operations, but yours as well. Your data could be lost, your processes can be slowed or stalled, and your reputation could be hurt. To protect your organization and stay proactive, you need to understand a vendor’s Business Continuity Planning (BCP) and Disaster Recovery (DR), their processes of creating systems of prevention and recovery to deal with potential threats.

To do so, your organization should be reviewing the vendor’s BCP annually as part of your ongoing monitoring after you’ve selected and contracted with them, to determine if there are any concerning red flags. But what would be considered a red flag?

Read More

Topics: vendor reviews, Cybersecurity, Business Continuity, BCP, Experts, RTO, RPO, Business Continuity Plans, Recovery, Breaches, Disaster Recovery

Handling Problematic Vendors | VendorInsight®

Posted by Rachel McKenzie on May 17, 2019 9:22:05 AM

How to Handle Problematic Third-Party Vendors

Many companies rely heavily on third-party vendors to help meet both contractual obligations and consumer demand. With such business relationships, however, comes the potential for disruptive natural and human-made events risks.

Even the most reliable vendors can suddenly and unexpectedly perform poorly, causing a previously healthy and mutually beneficial relationship to head south. When faced with such a dilemma, what can be done to fix a problematic vendor’s performance? And at what point is the decision made to terminate a relationship with a vendor?

Read More

Topics: Third-Parties, monitoring, vendor performance reviews, Risks, Reputation, penalities, brand, suppliers, SLA, Problematic Vendors

What Vendor Oversight You Should be Performing | VendorInsight®

Posted by Rachel McKenzie on May 10, 2019 10:21:32 AM

How Much Vendor Oversight Should Your Company be Performing?

It’s a common practice for enterprises to conduct due diligence on any prospective third-party vendor. But why do so many organizations fail to regularly evaluate their existing vendors?

A poorly managed vendor oversight program can be a point of pain for any institution hoping to function smoothly and efficiently. Without a consistent program for managing vendor risk, banks and financial institutions, in particular, face non-compliance with government regulations. This can not only pose financial risks but can also diminish a company’s reputation. 

Read More

Topics: Third-Parties, vendor risk management, risk alerts, compliance, Audits, vendor, oversight, regulation, monitoring, regulators, vendor performance reviews

Tracking 4th Party Vendors | VendorInsight®

Posted by Rachel McKenzie on Apr 19, 2019 8:21:48 AM

The Importance of Fourth-Party Vendor Tracking

Third-party vendor breaches are on the rise, but what about fourth-party risk? A fourth party is a subcontractor to your vendor, someone your vendor relies on or subcontracts to. The effectiveness of your vendor and the risk to you increasingly depends on fourth parties as your vendors outsource and subcontract critical activities. 

They go by a lot of names, including providers and strategic partners, and can provide bill pay, mobile banking, core processing, legal or other services.

Read More

Topics: fourth party, risk management, vendors, subcontractor

VendorInsight® Performs On-Site Vendor Visits | VendorInsight®

Posted by Rachel McKenzie on Apr 5, 2019 9:01:15 AM

Let VendorInsight® Perform Your On-Site Vendor Visits

Vendors are increasingly important for banks as they can perform consulting, process transactions, reduce costs and implement controls, all while directing your focus to core business functions and objectives. How many of your bank’s products depend on multiple vendors? How many of your vendors are managing your customers’ private data? For these reasons, regulators have been demanding that banks keep closer tabs on their relationships with third-party vendors.

Read More

Topics: Collaboration, SaaS, VendorInsight, On-site Visit

The Hassle of Hiring a Vendor Manager | VendorInsight®

Posted by Rachel McKenzie on Mar 22, 2019 8:57:20 AM

Is Hiring a Vendor Manager Worth the Hassle? 

Whether managing risk in one department or throughout the enterprise, analyzing and selecting the best vendor at the right price, delivered in a timely fashion, is a critical part of the risk management process.

That’s where vendor managers come in. A vendor manager facilitates the relationship between their business and its vendors while meeting contractual obligations and compliance.

Read More

Topics: vendor management outsourcing, SaaS, Vendor Manager, VendorInsight, Lower Costs

Similarities Found Between VendorInsight® and Green Icebergs in Antarctica | VendorInsight®

Posted by Grant Karnes on Mar 15, 2019 10:13:55 AM

Similarities Between VendorInsight® and Green Icebergs in Antarctica

 Icebergs are normally blue but some few Antarctic icebergs are green, and scientists may know why.  These icebergs contain high levels of iron and may have a greater purpose.  As the green icebergs float out into the ocean and melt, they deliver the iron to phytoplankton who benefit from it as a nutrient. 

Read More

Topics: risk management, Collaboration, Scalability, SaaS, Big Iron

Delivering VRM Solutions | VendorInsight®

Posted by Rachel McKenzie on Mar 13, 2019 11:47:53 AM

Delivering Vendor Risk Management Solutions

In this current economic climate, risk management is more important than ever. Companies only beginning to develop risk management programs haven’t yet realized the potential benefits of a structured solution for managing vendors. This includes reducing costs and risks while creating a competitive advantage against organizations who aren’t managing their risk.

Read More

Topics: vendor risk management, Cybersecurity, board members, risk assessment, Transparency, Automation, Collaboration, Return on Investment, Stability, Scalability, C-Suite

ROI on Automated Vendor Management | VendorInsight®

Posted by CMPG Risk Solutions on Feb 28, 2019 8:52:44 AM

7 Ways Automating Your Vendor Management Can Deliver ROI


Without a structured vendor management solution, your company is probably losing money every year from overspending on contracts with third parties. A solution to this is optimizing your vendor spend and reducing the amount of staff time spent on management. More and more companies are doing this by automating their vendor management, with options including web apps and cloud-based solutions that can handle most, or all, of these tasks with tools that offer a unique set of features.

Read More

Topics: Third-Parties, due diligence, risk management, risk management simplified, Configurable, Transparency, Automation, Collaboration, Return on Investment, Audits

Software User Groups Matter | VendorInsight®

Posted by CMPG Risk Solutions on Jan 30, 2019 3:45:53 PM

Why Having a User Group Matters

Have you ever wished that a piece of software could be updated and tailored as your organization’s needs change? Most industries today are constantly evolving as technology is accepted and integrated. This is why choosing a vendor management software tool that has a user group is so important. User groups provide valuable insight into customer needs and improve the software for everyone involved.

Read More

Topics: vendor reviews, vendor risk management, Configurable, User Groups, Conference

Custom Vendor Management Reports | VendorInsight®

Posted by Ryan Fox on Jan 17, 2019 10:07:08 AM

Custom Reports:

If You Collect Data on It, You Can Create a Report for It

No two companies are exactly alike – in the way they operate or in the way they manage their vendors. The same is also true of a company’s reporting needs. One leadership team may have a different priority or consider a different metric to be mission critical. Regulatory teams or auditors may ask for data based on their current priorities.

Read More

Topics: vendor reviews, vendor risk management, Configurable, Reports

Market Risk Alerts: The Importance of Monitoring Vendor News | VendorInsight®

Posted by Ryan Fox on Oct 15, 2018 9:45:00 AM

Market Risk Alerts: Why Vendor News Monitoring is Valuable to Your Company

Scouring hundreds of news sites in search of any mention of your vendor companies or setting up electronic alerts to notify you when a crucial supplier makes headlines – this can sometimes seem like a waste of time. In fact, when done right, vendor news monitoring delivers significant value to your organization.

Read More

Topics: vendor risk management, news monitoring, risk alerts

Due Diligence: Plan to Outsource It Next Year | VendorInsight®

Posted by Ryan Fox on Sep 17, 2018 10:04:19 AM

 It’s that time of year – prepping budgets for the upcoming calendar year. As you think about your resource allocation, consider outsourcing as an alternative to increasing staff to complete your due diligence review.

Read More

Topics: due diligence, vendor management outsourced

3 Ways to Create a Competitive Advantage with Vendor Management Automation

Posted by Rachel McKenzie on Aug 30, 2018 10:04:51 AM

Organizations often have very few employees working in vendor management, leading to heavy workloads. Manually tracking, monitoring, and reviewing vendors assumes vast amounts of time and resources. About half of financial organizations do not utilize an automated vendor management platform for tracking and assessing vendors. Adopting an automated vendor management system not only allows organizations to become proactive while easily staying on top of due diligence, but also delivers insight into the effectiveness of your compliance strategy.

Read More

Topics: outsourced vendor management

New Watchword: Subservice Organization

Posted by Jay Fitzhugh on Mar 28, 2018 5:15:14 PM

By now, many organizations have begun to receive control audit reports covering 2017 (SOC1/SSAE18 and SOC2). One element of note is the emergence of subservice organizations, or fourth parties, in reports generated after May 1, 2017.

It is interesting to see the reveal of underlying providers (fourth parties) within the updated reporting formats. While these new formats intentionally define what is being performed by contracted fourth parties, the disclosure of who is performing these efforts is often not as revealing as we expected or hoped. At times, there is a fog placed on the identities of fourth parties; phrases like "industry-recognized third party" or "subservice organization" are inserted in place of the names of the companies your vendors have outsourced responsibilities to.

Read More

Topics: Insider, Banking, Banks, Vendor management, subservice, control audit, control audit report, SSAE18, fourth parties, fourth party

Use Vendor Management to Stay Competitive

Posted by Jared Howe on Mar 28, 2018 4:45:46 PM

New tax plan is enabling many banks to invest in technology that helps them be more competitive. Vendor management is leading the way. 

At this year's ABA National Conference for Community Bankers (NCCB), ABA President Rob Nichols
discussed how banks are already spending based on savings they'll see under the new tax plan. According to ABA polling, banks are reinvesting their projected tax savings in their employees, customer growth, philanthropic activities, and technology to help them gain a competitive edge. This is going to put pressure on other banks to invest or get left behind.

Read More

Topics: Competition, ABA, Third-Parties, Banking, Tax Plan, Banks, American Bankers Association, ROI, Vendor management

VendorInsider Blog

Insight into Vendor Management Best Practices, Challenges, Solutions and Trends from Industry Insiders

As one of the longest running and most advanced vendor management software solutions, the helpful people of VendorInsight® have a unique perspective on third-party risk, compliance and management.  In the VendorInsider Blog, we share our insights on timely and relevant issues facing vendor managers.  You can subscribe using the button below, or contact us with questions.

Subscribe to Our Blog

Recent Posts

Posts by Topic

see all