Vendor Risk Management Classification Template

Vendor Risk Management (VRM) is the process of assessing vendors to determine the risks they pose, and the impact those risks have on the organization’s processes and business performance. VRM is becoming increasingly important in information security and nearly all major regulatory bodies require some form of vendor management. There are four major steps to implement a Vendor Risk Management program:

• Compile
• Classify
• Assess
• Decide

This Vendor Risk Management Classification Template will take you through the first two steps, including Compilation and Classification.