Broker Check

Managing Vendor Risks

December 07, 2020

A critical part of risk management is evaluating third parties including vendors your organization interacts with. Maclear ( has put together a list of seven best practices to help assess and manage those risks.

  1. Identify the risks you need to assess - strategy, operations, regulatory compliance, information technology, financial, reputation, etc.
  2. Determine who owns the relationship, usually the person or department who negotiates the contract and is the contact with the vendor.
  3. Centralize management through the organization's risk manager or other authorized person. Small organizations will need input from legal and insurance advisers.
  4. Make sure all needed experts and stakeholders are involved.
  5. Know your vendor's vendors - they may be the weal link in security.
  6. Use an automated system to minimize the risk of manually entered data.
  7. Monitor vendors on an ongoing basis.