An inventory set up and used throughout the vendor lifecycle in which an organization identifies all the risks involved in outsourcing a specific service/activity, providing in sum a record of all the risks associated with all third parties across the organization. Each risk is graded in terms of likelihood of occurrence, seriousness of impact, initial plans for mitigating each known high level risk, potential costs and assignment of responsibilities of the prescribed mitigation strategies and subsequent results. The register usually includes: a unique identifier for each risk; a description of each risk and how it will affect the service and the organization; an assessment of the likelihood the risk will occur and the possible seriousness/impact if it does occur (low, medium, high); a grading of each risk according to a risk assessment table; who is responsible for managing the risk; an outline of proposed mitigation actions (preventative and contingency); and in larger projects, the cost of each mitigation strategy. This register should be maintained throughout the vendor lifecycle and will change regularly as existing risks are re-graded in the light of the effectiveness of the mitigation strategy, and new risks are identified.
Third-Party Risk Register
- Home
- About Shared Assessments
- About Us New
- Advisory Board
- Assessment Firms
- Awards
- Blog
- Cart
- Certification
- Checkout
- Code of Ethics
- Committee Form
- Committees
- Contact Form
- Controls Evaluation in TPRM: Governance and Information Protection
- Controls Evaluation in TPRM: Technology Management and Operational Risk
- Controls Evealuation in TPRM
- Cookie Notice
- CPE Notice New
- Create an Account
- CTPRA Certification
- Ctpra Course Introduction
- CTPRA Examination Preparation
- CTPRA Job Guide
- CTPRA Practice Test
- CTPRA Practice Test II
- CTPRA Program Requirements
- CTPRA Study Guide
- CTPRP Certification
- CTPRP Examination Preparation Testing Process
- CTPRP Job Guide
- CTPRP Learning Course Introduction
- CTPRP Practice Test
- CTPRP Practice Test II
- CTPRP Program Requirements
- CTPRP Study Guide
- Data Governance Tools
- Directory
- Diversity, Equity and Inclusion
- Download Error
- Earning CPE Hours
- Education
- ESG SIG
- Framework
- Glossary
- Home
- In The Know
- Inherent Risk Rating
- Interagency Guidance Gap Analysis
- Iron Mountain Member Case Study
- Job
- Job Board
- Leadership Team
- Learn
- Licensees
- Licensees
- Login
- Member Benefits
- Members and Subscribers
- Membership New
- My Account
- News
- On Demand Event Video
- Online On-Demand TPRM Certification
- Partner Prospect
- Partnership
- Performing Risk-Based Due Diligence
- Portal
- Privacy Policy
- Product Support Center
- Products
- Quick SIG Demo
- Regulatory Hub
- Reset Password
- SCA
- Setup 2FA
- Shared Assessments Membership Inquiry
- Shared Assessments Product Inquiry
- SIG
- SIG FAQ
- SIG Fundamentals
- Speaker Interest
- Steering Committee
- Subject Matter Experts
- Summit Interest
- Sweepstakes Terms
- Terms And Conditions
- Terms of Use
- The Shared Assessments Third Party Risk Summit
- The Shared Assessments Third Party Risk UK Summit
- Third Party Risk Management Foundation
- Third-Party Risk Program Management
- Tools Support
- TOS Agreement Form
- TPRM Fundamentals
- TPRM Fundamentals – Details
- TPRM Program Design and Structure
- TPRM Program Operations and Implementation
- VRMMM
- Website Terms
- What is the SIG?
- What Is TPRM? A Guide To Third-Party Risk Management
- Workshops
- Best Practices
- Education
- Framework, Industry Guidance, and Regulations
- Risk Landscape
- Shared Assessments
- Tools and Products