Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…
Vendor risk management (VRM) is the part of supplier relationship management (SRM) that deals with the strategic management of third-party products and services. The goal of VRM is to limit risk exposure and ensure that the use of third-party products and service providers will not result in a disruption of business or negatively impact business performance.
Vendor risk management (VRM) involves a comprehensive plan for the identification and mitigation of potential business uncertainties as well as legal liabilities in regard to the use of third-party products and services. VRM plays an important role in supply chain management.
VRM has become even more important because of the prevalence of outsourcing information technology to the cloud. Because some organizations entrust some of their workflows to third parties, they lose control of those workflows and have to trust the third party to do their job well. But disruptive events like natural disasters, cyber-attacks and data breaches are often out of the organizations’ control and are becoming more frequent. Even with all the benefits of cloud computing, such as heightened efficiency and the ability to focus on core business objectives, if vendors lack strong safeguards and controls/restrictions, customers could be exposed to operational, regulatory, fiscal or even reputational risk.
A good VRM strategy may include the following:
A vendor management system (VMS) is a Web-based application that allows an organization to secure and manage third-party services on a temporary, permanent or contractual basis. Twenty years ago, when outsourcing was still an emerging trend, the term was used primarily in the context of human resource partnerships. Today's its use has broadened to include the use of cloud services.
A VMS generally involves the following:
Techopedia’s editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.
What are Integrated Payroll Services? Integrated payroll services are features and functionalities built into other HR software, most commonly an...
Aleksandar StevanovicSoftware Reviews Expert
What is the Work Opportunity Tax Credit? The Work Opportunity Tax Credit (WOTC) is defined by the U.S. Department of...
What is Earned Income Tax Credit? Earned Income Tax Credit (EITC) is a refundable tax credit awarded to workers and...
Trending NewsLatest GuidesReviewsTerm of the Day