Third-Party Risk Framework
IT IT Ops Finance Ops
The prompt
Design vendor risk assessment framework with tiers, questionnaires, risk evaluation, onboarding, monitoring, offboarding.
Why this works
Tiered assessments focus effort on highest-risk vendors. Documented vendor requirements prevent shadow IT.
Risks & review
Assessments are time-consuming; leverage certifications. Vendors may not be transparent.