Vendor Management Risks And Controls. Strategic risk is the risk arising from adverse business decisions or the failure to implement appropriate business decisions in a manner that is consistent with the organizations strategic goals. Key components of a Vendor Management Policy.
Vendor Risk Assessment Establish criteria ie criticality as a basis for risk rating critical vs non-critical vendors. Once vendor management responsibilities and reporting structure are established it is important to formalize them as part of the financial institutions official policies and procedures. In many organizations VRM programs are largely traditional.
Another vendor risk is the loss of financial assets.
Regular auditing and check up of vendors can prevent entering into financially unsound vendor relationships. In the ACIPAs SOC 2 Guide it states that service organizations may implement policies procedures and controls for managing vendor risk. ComplianceRegulatory Risk is the risk that a third-party vendor will violate a law or regulation that youve contractually obligated them to follow. Having a vendor management program is more important today than ever before.