Request Demo

Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resources-whitepaper-state-of-third-party-risk-management-2023
State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.

DOWNLOAD NOW

Third-Party Risk Management Policy Template: Based on regulatory guidance
Third-Party Risk Management Policy Template: Based on the TPRM lifecycle

Download Free Templates

What is a third-party risk management policy?

The policy is the first document that should be created and will identify the roles, responsibilities, regulations, and overall purpose of a  program. It also provides a broad outline on the areas of due diligence, risk assessments, contract management, and establishes how the board and senior management will stay informed of vendor management activities. 

What are the differences between the two templates

Each template has been catered to different organizational needs and profiles. To ensure you select the most suitable template for your organization, carefully read the following descriptions: 

The Third-Party Risk Management Policy template aims to assist organizations operating in regulated industries develop a comprehensive policy for managing risks associated with third-party/vendor relationships. Users who wish to align their policy content to reflect regulatory guidance should choose this template version. 

*Note: Although the template has been designed to reflect regulatory guidance, there’s no regulatory requirement that your organization follow any specific policy format. 

The Third-Party Risk Management Lifecycle-Based Policy template aims to assist non-regulated organizations create a comprehensive policy for managing third-party/vendor risks, which aligns with industry best practices and the third-party risk management lifecycle. It can also be used by regulated organizations that lack specific regulatory guidance on third-party risk management or any organization that believes a policy aligned with the third-party risk management lifecycle is a more effective approach. 

What regulatory guidance does the Third-Party Risk Management Policy template follow?

Much of the content and design of this template closely resembles actual regulatory guidance, specifically the Interagency Guidance on Third-Party Relationships: Risk Management. We have chosen to use this guidance as it has been developed by three financial regulators, the OCC, FDIC, and the Fed. The practices described in the guidance are widely regarded as the "gold standard" for third-party risk management. It’s worth noting that financial regulatory guidance has long influenced what becomes best practices for third-party risk management.

Are these templates really free?

Yes! We know these templates are valuable (and that many organizations put a price on accessing templates) but, as passionate advocates for better third-party risk management practices, we have decided that there is no better way to assist than by giving third-party risk professionals a helping hand with these customizable templates. You still have a lot of work to do to customize and align to your organization, but we are hoping this gets you there faster!

Are these policies customizable to match what my organization does?

Absolutely, and we urge you to do so! The templates are formatted in a Microsoft Word document so it’s easy to change any aspect. Instructions point out what specially to edit and the guides give best practices and tips.

Who created these templates?

These free policy templates were carefully crafted by Venminder’s highly skilled third-party risk professionals who have not only done the job in their own careers, but today advise Venminder's 1,200+ customers, many of whom are subject to the strictest regulatory guidance.