By George Ralph, Managing Director, RFA UK
- Conduct the appropriate amount of research on the potential vendor in order to know them inside and out. Make sure you know what type of access the vendor will have to your data- whether sensitive or otherwise- and appoint staff to oversee the management of the vendors. Finally, determine and categorise the risks, and develop solutions based on the threat level associated with each risk.
- Make sure that there is a specific group in place responsible for conducting due diligence on vendors within your organisation. Alternatively, you could centralise the process with a firm-wide risk management or procurement team. However, it’s essential to not allow this important step to slip through the cracks.
- Sometimes, it makes sense to consider a third party vendor management provider. These services can take on much of the labour associated with evaluating and managing vendors, so that you can focus on your core business. Working with an experienced partner can provide you access to deep knowledge and levels of research, as well as save you time and money. These firms can work with you to ensure that the vendors you are working meet appropriate compliance, regulatory and best practice standards.