Complete, customizable program policy templates

Complete Vendor Management Policies

VendorPoint™ incorporates Vendor Management policy templates that have passed the scrutiny of FFIEC examinations for Uniform Rating System for Information Technology (URSIT) levels 1-4. For institutions that have not yet created and documented a viable program, VendorPoint™ provides an excellent platform to prepare for your next exam. Policies can be used “out of the box,” modified, or replaced with your existing policies. Features of the policies include:

Policy Statement
Program Mission
Scope
Roles and Responsibilities
Due Diligence Requirements
Preliminary Vendor Evaluation Worksheet
Vendor Risk Ranking Matrix
New Vendor Process
Ongoing Monitoring Requirements Definitions

Key Features

Fully automated Vendor Due-Diligence and Risk Management
Complete, customizable program policy templates
Extensive due diligence questionnaires
Document repository
Vendor issue tracking and trending
Vendor ranking and ranking trend reporting
Configurable for centralized or decentralized operation
Extensive reporting
Online Independent 3rd Party Security Assessments
Additional privacy module