SlideShare a Scribd company logo

Vendor Management - Compliance Checklist Manifesto Series

Continuity Control
Continuity Control

Regulatory examiners are expecting to see and review your financial institution's vendor management program, which is to include a process for assessing specific vendor risk, vendor selection, contracting, and ongoing oversight. This webinar will demonstrate that implementing a repeatable process will provide consistency and reduce your institution's Compliance Tax by saving you time and resources, including helping to ensure your valuable dollars are spent wisely. Objectives: - Understanding of the regulatory requirements for the vendor management program - High level overview of the key elements - Provide guidance in developing your program

1 of 32
Vendor Management Compliance Checklist Manifesto May 20, 2010
Today’s Presenters ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Overview Vendor Management Regulatory landscape
Vendor Management Program Vendor Management Program The responsibility to properly oversee outsourced relationships lies with the board of directors and senior management. FFIEC Outsourcing Technology Services June 2004
Why Vendor Management Why Vendor Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The notion of a Compliance Tax The notion of a Compliance Tax
What is the Compliance Tax? Compliance Tax ™ : the ever-growing amount of work, resources and costs (internal staffing, consulting fees, training and employee productivity loss) required for a financial institution to meet regulatory requirements Based on Asset Size: 500 million Average amount of employee time spent on compliance activities: 3%
The Checklist Approach The Checklist Approach
Power of a checklist What’s the Checklist Manifesto? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Power of a checklist What’s the Checklist Manifesto? Boeing “Checklist Factory” Aviation is the origin of the checklist Boeing develops 100 checklists a year Take weeks to develop, but are adopted by the industry
Applying the Checklist Manifesto to Vendor Management Key Factors and Elements
Key Factors of Vendor Management Program ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Vendor Risk Management Program Elements ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Vendor Risk Assessment Vendor Risk Assessment ,[object Object],[object Object],[object Object],[object Object]
Classification Factors Classification Factors ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performing the Risk Assessment Performing the Risk Assessment ,[object Object],[object Object],[object Object],[object Object],[object Object]
Policy/Written Program Policy/Written Program ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Applying Checklists to the Process Applying Checklists to the Process
Vendor Selection Checklist ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Vendor Selection Checklist ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Contract Review Checklist ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Vendor Performance Checklist ,[object Object],[object Object],[object Object]
Implementing Your Own Compliance Checklists
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Implementing Your Own Checklists
Stepping you Through the Process Stepping you Through the Process
Step by Step Directions
Step by Step Directions The What: Vendor Risk Assessments The Who: Operations Officer And When: Annual What: Vendor Performance Monitoring Who: IT Manager When: Weekly Search written procedures for :
Step by Step Directions Organizing Checklists: 1 st Oversight Activities Annual Vendor Risk Assessment 2 nd Periodic Activities Monthly and quarterly Review contract renewals 3 rd Routine Activities Daily and weekly Monitoring vendors
 
Summary and Q & A
Thank You! ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk Management
Deepak Bansal, CPA CISSP
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
Priyanka Aash
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
Danang suryo Wardhono
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
 
Risk and Business Continuity Management
Risk and Business Continuity Management Risk and Business Continuity Management
Risk and Business Continuity Management
Continuity and Resilience
 
Business Continuity Management
Business Continuity ManagementBusiness Continuity Management
Business Continuity ManagementECC International
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
Andrew Smart
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
EC-Council
 

Recommended

Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk Management
Deepak Bansal, CPA CISSP
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
Priyanka Aash
 
Awareness iso 22301 danang suryo
Awareness iso 22301 danang suryoAwareness iso 22301 danang suryo
Awareness iso 22301 danang suryo
Danang suryo Wardhono
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
BOC Group
 
Risk and Business Continuity Management
Risk and Business Continuity Management Risk and Business Continuity Management
Risk and Business Continuity Management
Continuity and Resilience
 
Business Continuity Management
Business Continuity ManagementBusiness Continuity Management
Business Continuity ManagementECC International
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
Andrew Smart
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
EC-Council
 
Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides
SlideTeam
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and Certification
ControlCase
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Vendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation SlidesVendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation Slides
SlideTeam
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and compliance
Magdalena Matell
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
SandeshUprety4
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Corporater
 
Enterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesEnterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use Cases
WSO2
 
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB
 
Incident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation SlidesIncident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation Slides
SlideTeam
 
Business impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk AssesmentBusiness impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk Assesment
erfan7486
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a Strategy
NICSA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Incident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation SlidesIncident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation Slides
SlideTeam
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Keyaan Williams
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
Sasha Nunke
 
BUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRMBUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRM
Libcorpio
 
Vendor Management
Vendor ManagementVendor Management
Vendor Management
Anand Subramaniam
 
Vendor Management Systems Best Practices
Vendor Management Systems Best PracticesVendor Management Systems Best Practices
Vendor Management Systems Best Practicesjeffmonaghan
 

More Related Content

What's hot

Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides
SlideTeam
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and Certification
ControlCase
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Shawn Tuma
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
Vendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation SlidesVendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation Slides
SlideTeam
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and compliance
Magdalena Matell
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
SandeshUprety4
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Corporater
 
Enterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesEnterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use Cases
WSO2
 
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB
 
Incident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation SlidesIncident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation Slides
SlideTeam
 
Business impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk AssesmentBusiness impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk Assesment
erfan7486
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a Strategy
NICSA
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Incident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation SlidesIncident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation Slides
SlideTeam
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
Keyaan Williams
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
Sasha Nunke
 
BUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRMBUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRM
Libcorpio
 

What's hot (20)

Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides Risk Management Process Steps PowerPoint Presentation Slides
Risk Management Process Steps PowerPoint Presentation Slides
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and Certification
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Vendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation SlidesVendor Management Powerpoint Presentation Slides
Vendor Management Powerpoint Presentation Slides
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and compliance
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
 
Enterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use CasesEnterprise Identity and Access Management Use Cases
Enterprise Identity and Access Management Use Cases
 
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
PECB Webinar: Introduction to ISO 22317 – Business Impact Analysis (BIA)
 
Incident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation SlidesIncident Management PowerPoint Presentation Slides
Incident Management PowerPoint Presentation Slides
 
Business impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk AssesmentBusiness impact analysis and Cost-benefit Analysis. Risk Assesment
Business impact analysis and Cost-benefit Analysis. Risk Assesment
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a Strategy
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & compliance
 
Incident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation SlidesIncident Management Powerpoint Presentation Slides
Incident Management Powerpoint Presentation Slides
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Risk Management and Security in Strategic Planning
Risk Management and Security in Strategic PlanningRisk Management and Security in Strategic Planning
Risk Management and Security in Strategic Planning
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
 
BUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRMBUSINESS IMPACT ‎ANALYSIS- DRM
BUSINESS IMPACT ‎ANALYSIS- DRM
 

Viewers also liked

Vendor Management
Vendor ManagementVendor Management
Vendor Management
Anand Subramaniam
 
Vendor Management Systems Best Practices
Vendor Management Systems Best PracticesVendor Management Systems Best Practices
Vendor Management Systems Best Practicesjeffmonaghan
 
Vendor management using COBIT 5
Vendor management using COBIT 5Vendor management using COBIT 5
Vendor management using COBIT 5
Robert Stroud
 
SUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATIONSUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATION
Zamri Yahya
 
IT Strategic Vendor Management
IT Strategic Vendor ManagementIT Strategic Vendor Management
IT Strategic Vendor ManagementBill Whetstone
 
Vendor rating system
Vendor rating systemVendor rating system
Vendor rating system
Chandrmouli Singh
 
Vendor Management and Contract Negotiations
Vendor Management and Contract NegotiationsVendor Management and Contract Negotiations
Vendor Management and Contract Negotiations
ButlerRubin
 
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
Optimus BT
 
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
EY
 
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIECVendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
ControlCase
 
Applicant Tracking System Vendor Criteria Checklist
Applicant Tracking System Vendor Criteria ChecklistApplicant Tracking System Vendor Criteria Checklist
Applicant Tracking System Vendor Criteria Checklist
Matt Charney
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?
EDR
 
Vendor Management System - Introduction2
Vendor Management System - Introduction2Vendor Management System - Introduction2
Vendor Management System - Introduction2Frank Corris
 
Multi Vendor Management
Multi Vendor ManagementMulti Vendor Management
Multi Vendor Management
MuratSelcuk
 
Vendor Selection Process
Vendor Selection ProcessVendor Selection Process
Vendor Selection Processgrinehart
 
ppt of vendor management
ppt of vendor management ppt of vendor management
ppt of vendor management
rohit12692
 
Vendor development
Vendor developmentVendor development
Vendor developmentPadmadhar PD
 
Outsourcing and Vendor management
Outsourcing and Vendor managementOutsourcing and Vendor management
Outsourcing and Vendor managementRaminder Pal Singh
 

Viewers also liked (20)

Vendor Management
Vendor ManagementVendor Management
Vendor Management
 
Vendor Management Systems Best Practices
Vendor Management Systems Best PracticesVendor Management Systems Best Practices
Vendor Management Systems Best Practices
 
Vendor Management
Vendor ManagementVendor Management
Vendor Management
 
Vendor management using COBIT 5
Vendor management using COBIT 5Vendor management using COBIT 5
Vendor management using COBIT 5
 
SUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATIONSUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATION
 
IT Strategic Vendor Management
IT Strategic Vendor ManagementIT Strategic Vendor Management
IT Strategic Vendor Management
 
Vendor rating
Vendor ratingVendor rating
Vendor rating
 
Vendor rating system
Vendor rating systemVendor rating system
Vendor rating system
 
Vendor Management and Contract Negotiations
Vendor Management and Contract NegotiationsVendor Management and Contract Negotiations
Vendor Management and Contract Negotiations
 
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
Purchasing, Procurement, Vendor, Contract and RFP Process Management with Sha...
 
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
EY Human Capital Conference 2012: Global Employee Mobility - Managing vendors...
 
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIECVendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
 
Applicant Tracking System Vendor Criteria Checklist
Applicant Tracking System Vendor Criteria ChecklistApplicant Tracking System Vendor Criteria Checklist
Applicant Tracking System Vendor Criteria Checklist
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?
 
Vendor Management System - Introduction2
Vendor Management System - Introduction2Vendor Management System - Introduction2
Vendor Management System - Introduction2
 
Multi Vendor Management
Multi Vendor ManagementMulti Vendor Management
Multi Vendor Management
 
Vendor Selection Process
Vendor Selection ProcessVendor Selection Process
Vendor Selection Process
 
ppt of vendor management
ppt of vendor management ppt of vendor management
ppt of vendor management
 
Vendor development
Vendor developmentVendor development
Vendor development
 
Outsourcing and Vendor management
Outsourcing and Vendor managementOutsourcing and Vendor management
Outsourcing and Vendor management
 

Similar to Vendor Management - Compliance Checklist Manifesto Series

It62015 slides
It62015 slidesIt62015 slides
It62015 slides
Jim Kaplan CIA CFE
 
Compliance, Risk Management, Licensing
Compliance, Risk Management, LicensingCompliance, Risk Management, Licensing
Compliance, Risk Management, Licensingicomply
 
Privacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al RaymondPrivacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al Raymond
spencerharry
 
Key Performance Indicators for Chief Compliance Officers.pdf
Key Performance Indicators for Chief Compliance Officers.pdfKey Performance Indicators for Chief Compliance Officers.pdf
Key Performance Indicators for Chief Compliance Officers.pdf
williamshakes1
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
EDR
 
Risk Assessment Framework
Risk Assessment FrameworkRisk Assessment Framework
Risk Assessment Framework
Jhurt7103
 
Contractor Management Strategies in a Complex World
Contractor Management Strategies in a Complex WorldContractor Management Strategies in a Complex World
Contractor Management Strategies in a Complex World
browzcompliance
 
Questions for a Risk Analyst Interview - Get Ready for Success.pdf
Questions for a Risk Analyst Interview - Get Ready for Success.pdfQuestions for a Risk Analyst Interview - Get Ready for Success.pdf
Questions for a Risk Analyst Interview - Get Ready for Success.pdf
infosecTrain
 
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
priyanshamadhwal2
 
Risk and Regulatory Change Management - 360factors EUEC 2015 Presentation
Risk and Regulatory Change Management - 360factors EUEC 2015 PresentationRisk and Regulatory Change Management - 360factors EUEC 2015 Presentation
Risk and Regulatory Change Management - 360factors EUEC 2015 Presentation
360factors
 
4. op risk and aml
4. op risk and aml4. op risk and aml
4. op risk and amlcrmbasel
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party Risks
MHM (Mayer Hoffman McCann P.C.)
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk ConsultingPrashant Jain
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
Nidhi Gupta
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013Nidhi Gupta
 
Weaver - Financial Institutions Consulting
Weaver - Financial Institutions ConsultingWeaver - Financial Institutions Consulting
Weaver - Financial Institutions ConsultingAndrew Topa
 

Similar to Vendor Management - Compliance Checklist Manifesto Series (20)

It62015 slides
It62015 slidesIt62015 slides
It62015 slides
 
Compliance, Risk Management, Licensing
Compliance, Risk Management, LicensingCompliance, Risk Management, Licensing
Compliance, Risk Management, Licensing
 
Privacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al RaymondPrivacy & Security Controls In Vendor Management Al Raymond
Privacy & Security Controls In Vendor Management Al Raymond
 
Key Performance Indicators for Chief Compliance Officers.pdf
Key Performance Indicators for Chief Compliance Officers.pdfKey Performance Indicators for Chief Compliance Officers.pdf
Key Performance Indicators for Chief Compliance Officers.pdf
 
My slides
My slidesMy slides
My slides
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
 
Risk Assessment Framework
Risk Assessment FrameworkRisk Assessment Framework
Risk Assessment Framework
 
Contractor Management Strategies in a Complex World
Contractor Management Strategies in a Complex WorldContractor Management Strategies in a Complex World
Contractor Management Strategies in a Complex World
 
Questions for a Risk Analyst Interview - Get Ready for Success.pdf
Questions for a Risk Analyst Interview - Get Ready for Success.pdfQuestions for a Risk Analyst Interview - Get Ready for Success.pdf
Questions for a Risk Analyst Interview - Get Ready for Success.pdf
 
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
𝐑𝐢𝐬𝐤 𝐀𝐧𝐚𝐥𝐲𝐬𝐭 𝐈𝐧𝐭𝐞𝐫𝐯𝐢𝐞𝐰 𝐐𝐮𝐞𝐬𝐭𝐢𝐨𝐧𝐬
 
Risk and Regulatory Change Management - 360factors EUEC 2015 Presentation
Risk and Regulatory Change Management - 360factors EUEC 2015 PresentationRisk and Regulatory Change Management - 360factors EUEC 2015 Presentation
Risk and Regulatory Change Management - 360factors EUEC 2015 Presentation
 
4. op risk and aml
4. op risk and aml4. op risk and aml
4. op risk and aml
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party Risks
 
Presentation_IA Focus
Presentation_IA FocusPresentation_IA Focus
Presentation_IA Focus
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk Consulting
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Weaver - Financial Institutions Consulting
Weaver - Financial Institutions ConsultingWeaver - Financial Institutions Consulting
Weaver - Financial Institutions Consulting
 

Recently uploaded

chapter 10 - excise tax of transfer and business taxation
chapter 10 - excise tax of transfer and business taxationchapter 10 - excise tax of transfer and business taxation
chapter 10 - excise tax of transfer and business taxation
AUDIJEAngelo
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
sarahvanessa51503
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Lviv Startup Club
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
Naaraayani Minerals Pvt.Ltd
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
BBPMedia1
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
SynapseIndia
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
seri bangash
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
YourLegal Accounting
 
Lookback Analysis
Lookback AnalysisLookback Analysis
Lookback Analysis
Safe PaaS
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
HumanResourceDimensi1
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
NathanBaughman3
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
anasabutalha2013
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
Skye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto AirportSkye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto Airport
marketingjdass
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
Cynthia Clay
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
Erika906060
 
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptxTaurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
my Pandit
 
The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...
awaisafdar
 

Recently uploaded (20)

chapter 10 - excise tax of transfer and business taxation
chapter 10 - excise tax of transfer and business taxationchapter 10 - excise tax of transfer and business taxation
chapter 10 - excise tax of transfer and business taxation
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
 
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
 
Lookback Analysis
Lookback AnalysisLookback Analysis
Lookback Analysis
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
Skye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto AirportSkye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto Airport
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptxTaurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
 
The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...
 

Vendor Management - Compliance Checklist Manifesto Series

  • 1. Vendor Management Compliance Checklist Manifesto May 20, 2010
  • 2.
  • 3.
  • 4. Overview Vendor Management Regulatory landscape
  • 5. Vendor Management Program Vendor Management Program The responsibility to properly oversee outsourced relationships lies with the board of directors and senior management. FFIEC Outsourcing Technology Services June 2004
  • 6.
  • 7. The notion of a Compliance Tax The notion of a Compliance Tax
  • 8. What is the Compliance Tax? Compliance Tax ™ : the ever-growing amount of work, resources and costs (internal staffing, consulting fees, training and employee productivity loss) required for a financial institution to meet regulatory requirements Based on Asset Size: 500 million Average amount of employee time spent on compliance activities: 3%
  • 9. The Checklist Approach The Checklist Approach
  • 10.
  • 11. Power of a checklist What’s the Checklist Manifesto? Boeing “Checklist Factory” Aviation is the origin of the checklist Boeing develops 100 checklists a year Take weeks to develop, but are adopted by the industry
  • 12. Applying the Checklist Manifesto to Vendor Management Key Factors and Elements
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19. Applying Checklists to the Process Applying Checklists to the Process
  • 20.
  • 21.
  • 22.
  • 23.
  • 24. Implementing Your Own Compliance Checklists
  • 25.
  • 26. Stepping you Through the Process Stepping you Through the Process
  • 27. Step by Step Directions
  • 28. Step by Step Directions The What: Vendor Risk Assessments The Who: Operations Officer And When: Annual What: Vendor Performance Monitoring Who: IT Manager When: Weekly Search written procedures for :
  • 29. Step by Step Directions Organizing Checklists: 1 st Oversight Activities Annual Vendor Risk Assessment 2 nd Periodic Activities Monthly and quarterly Review contract renewals 3 rd Routine Activities Daily and weekly Monitoring vendors
  • 30.  
  • 32.

Editor's Notes

  1. 04/01/10
  2. 04/01/10
  3. 04/01/10
  4. 04/01/10
  5. 04/01/10
  6. 04/01/10
  7. 04/01/10
  8. 04/01/10
  9. 04/01/10
  10. 04/01/10
  11. 04/01/10
  12. 04/01/10