2017 Vendor Risk Management Maturity Model (VRMMM)

Price: $0.00

Vendor Risk Management Maturity Model (VRMMM)

The Vendor Risk Management Maturity Model (VRMMM) is a holistic tool for evaluating maturity of third party risk programs including cybersecurity, IT, privacy, data security and business resiliency controls. The focus of the VRMMM is to provide third party risk managers with a tool they can use to evaluate their program against a comprehensive set of best practices. Because of the VRMMM’s ability to identify specific areas for improvement, this Program Tool allows companies to make well-informed decisions that drive efficient resource allocation and use, and help manage vendor-related risks effectively. Using governance as the foundational element, the model identifies the framework elements critical to a successful program. High-level categories are broken down into components in a manner that makes the model adaptable across a wide spectrum of industry groups.

Enhancements to the 2017 VRMMM include:

  • Modifications to Maturity Level definitions and improved guidance that simplify and clarify Maturity ranking.
  • Addition of an Accountability Tab to assist organizations in assigning responsibility for completion of sections of the VRMMM, allowing users to identify the resources responsible by risk area category.

The 2017 VRMMM includes the 2017 VRMMM and VRMMM Overview

Become a Shared Assessments Program Member

Shared Assessments members are national and international organizations of all sizes that understand the importance of comprehensive standards for managing third party risk. They include financial institutions, healthcare organizations, energy/utility, retailers and telecommunications companies.

They are service providers of all sizes, consulting companies, and assessment firms. They are the best in their class, members of a global community of vendor risk management professionals who understand the value of implementing efficient and effective industry-standard practices.

Member benefits include:
  • Free access to the Shared Assessments Program Tools.
  • Working on one of the Program’s Standing Committees (SIG, AUP or VRMMM) to continue to refine the Program’s Tools. Member input is what keeps the Shared Assessments Program Tools on the leading edge of third party risk assurance issues.
  • Participate in Special Projects and Interest Groups. Join your peers to identify, discuss and address the issues you (and your management) feel are top priorities for resolution.
  • Participants in Shared Assessments committees, projects and special interest groups earn CPE credits while demonstrating risk management and compliance leadership.
  • Join the monthly Member Forum and other special interest calls. Listen to key industry and regulatory thought leaders presenting on the latest developments in vendor risk management and regulatory compliance.
  • Access to third party risk management training and education, white papers, project documents, and case studies.
  • Discounts on registration for Shared Assessments events and educational workshops.

Reminder: If you have already purchased the Shared Assessments Tools, become a Shared Assessments Program member and reduce your annual dues by the total amount of your purchase, if done so within 6 months of your Program Tool Purchase.

Learn more »

Shared Assessments Logo Deluxe Corp
Shared Assessments Logo radian
MetricStream logo
Shared Assessments Licensee Bank of the West
Shared Assessments Logo usbank
Shared Assessments Licensee Lockpath
Viewpoint Logo
Shared Assessments Logo pwc
Shared Assessments Licensee ControlCase
Shared Assessments Logo dtcc
Shared Assessments Logo first data
Shared Assessments Logo Bank Of New York Mellon
Shared Assessments Licensee Rsam
Shared Assessments Licensee Power Advocate
Shared Assessments Licensee Protiviti
Shared Assessments Program licensee Churchill & Harriman logo
Shared Assessments Licensee Pivot Point Security
Shared Assessments Licensee TD Ameritrade
Shared Assessments Logo Iron Mountain
Shared Assessments Logo Deloitte
Shared Assessments Logo Ernst & Young
Shared Assessments Licensee ZS logo
Shared Assessments Logo sei