Industry Survey Reveals 10 Third-Party Risk Management Best Practices

Recently, Venminder released our annual State of Third-Party Risk Management survey. It included respondents from a wide variety of organizations across multiple industries.

The responses gave us invaluable insight into how many are doing third-party risk management and also where many could improve. After analyzing this year’s findings, we’ve compiled some third-party risk management best practices that you should be aware of in 2020:

10 Third-Party Risk Management Best Practices from Industry Survey

Here are the 10 best practices to utilize for your own third-party risk management programs:

1. A well-documented policy, program and procedures is a must
   
   
2. Address each pillar of third-party risk management in a rigorous set of practices
   
   
3. Ensure you have adequate credentialed staffing at your organization to assist with third-party risk
   
   
4. Work diligently to gain support from the board and senior management team
   
   
5. Incorporate third-party risk management in annual policy updates and internal audits
   
   
6. Invest in education, staffing and third-party risk tools
   
   
7. Stay abreast of regulatory guidance, legal analysis and enforcement actions
   
   
8. At least annually, and more if needed, update all documents and practices
   
   
9. Perform ongoing monitoring well and follow up on deficiencies
   
   
10. Watch customer complaints closely, as it’s a regulatory focal point for enforcement actions

Want to learn more about why these are our key best practices to take away from the data? Check out the survey results here.