Vendor Risk Assessment Process. Vendors pose many risks including financial reputational compliance legal and regulatory risks. This is often a multidisciplinary effort that covers a variety of vendor related risks.
Of concern are those circumstances where service providers process or hold University data. Vendor risk assessment University schools departments and business units sometimes contract for data services with outside parties or service providers. In that regard a well-documented vendor risk management model can help ensure key issues are being addressed.
This assessment can take place during the vetting phase or during an evaluation or review in order to measure performance on a continual basis.
Risk assessment needs to be considered as a continuous process when dealing with third-party vendors not something performed once and then forgotten about. Vendor risk management VRM is a broad category that encompasses all measures that your organization can take to prevent data breaches and ensure business continuity. In that regard a well-documented vendor risk management model can help ensure key issues are being addressed. Also a robust vendor risk management process should be in place to evaluate the risk profiles of vendors on a consistent basis.