Vendor Risk Management (VRM)
Organizations implement VRM programs as a formal way to evaluate, track and measure third-party risk, assess its impact on all aspects of your business, and develop compensating controls or other forms of mitigation to lessen the impact on the business if something should happen. A formal VRM program provides consistency for managing vendors and establishes a methodology to share risk information about them within your organization.