Certificates of Insurance (COI) and Beyond: The Basics of Assessing Third Parties’ Insurance

As third-party risks grow, evaluating vendor insurance coverage is a critical part of effective TPRM oversight. This paper highlights best practices for assessing, validating, and monitoring insurance protections, emphasizing collaboration, clear contractual expectations, and alignment with actual risk exposure. 

Key areas of focus include: 

– Partnering with internal insurance leaders to understand required coverage types and levels
– Identifying which third parties need deeper assessment and ongoing monitoring
– Reviewing certificates or insurance (COIs) for validity and sufficiency
– Reassessing coverage as third-party engagements evolve
–  Addressing insurance gaps in line with organizational risk appetite