What Is Vendor Due Diligence?
Vendor due diligence is the process of assessing and evaluating third parties against a set of specific criteria. Ongoing due diligence should occur whenever there are changes to the scope of a vendor’s services, as well as on an ongoing, periodic basis. Completing ongoing due diligence through a risk-based approach helps you prioritize which vendors need monthly due diligence (i.e. critical or high-risk vendors), annual due diligence (i.e. medium-risk), or every other year (i.e. low-risk vendors). Vendor due diligence must be both comprehensive and efficient, which without automated software, means countless hours spent on paperwork and spreadsheet management. LogicManager’s vendor due diligence solution package enables you to streamline those processes across your entire organization.
Potential Vendor Due Diligence Risks
At LogicManager, we live by the fact that you can outsource processes, but you cannot outsource risk. But given the fact that vendor information can change at any time, it doesn’t matter how in-depth your vendor due diligence processes may be; at the end of the day, your organization is still vulnerable to the variety of evolving risks that your third parties face.
In 2013, Target fell victim to a security breach that gave hackers access to millions of customers’ sensitive information. On top of the $202 million they spent on legal fees, Target shelled out nearly $20 million in a multistate settlement. Their sales also decreased dramatically. The hackers gained access via a third-party POS system. In other words, the entire scandal could have been prevented had Target practiced proper vendor due diligence.
Customers don’t care if your vendor is ultimately to blame for an issue; the reputational damage is ultimately a forfeiture felt directly by your company. Not only will a scandal like Target’s impact your bottom line, but in the absence of software, consultants and additional FTEs hired to run your vendor due diligence efforts are never cheap.
If there is a critical change to one of your vendors, chances are that you won’t be informed immediately, which leads to blind spots. That’s why it’s critical to have processes in place for after you’ve collected due diligence information to ensure that you are performing your due diligence proactively on a regular basis.
Related Vendor Management Content