Vendor Risk Management (VRM)

In the current technological environment, vendors are not only helpful but are sometimes required to run certain aspects of many businesses. At the same time, each of your vendors presents a unique risk to your organization, whether it’s information security or the availability of your company’s product or service. Understanding and managing this vendor risk is a key component of any truly effective security program. LBMC Information Security uses a business-centric and tailored methodology that includes:

  • Reviewing and analyzing your existing VRM program and making recommendations for improvements
  • Collaboratively develop vendor survey questionnaires and an improved risk assessment approach
  • Executing proof-of-concept assessments on a sample of vendors using LBMC Information Security’s proprietary risk assessment tool, BALLAST
  • Conducting assessments on the agreed upon vendor population

With these best practices in place, you can maintain and scale your third-party vendor risk management program.