How to Build a Vendor Inventory from Scratch

If you’ve been tasked with creating a third-party risk management (TPRM) program, or if you’re looking to ramp it up this year, then you know that one of the most time-consuming steps in the process is finding and centralizing information on your vendors, suppliers, and other partners. Whether you have one hundred or one thousand third parties, creating an inventory can be daunting.

In this session, Bob Wilkinson, CEO of Cyber Marathon Solutions and a former CISO at Citigroup, guides you through efficiently building a vendor inventory when you may not even know who they are.

Bob shares his top tips for taking stock of your third parties, including:

• Identifying the systems and teams typically involved in managing vendors
• Sharing organizational resources to leverage for vendor inventory identification and validation
• Describing processes and information needed to create a central vendor inventory profile
• Explaining the types of risks that should be managed with vendor inventories
• Categorizing vendors according to the risk they pose to the business and the functionality they provide
• Examining steps to maintain continuous visibility into vendor updates
• Leveraging data analytics to understand key risk trends in vendor inventories

No matter the size of your third-party ecosystem, Bob’s experience and expertise will help you build a robust inventory as a foundation for a comprehensive TPRM program.