Exclusive Report: The State of Third-Party Risk Management 2020

During the spring and summer of 2020, we surveyed over 150 third-party risk practitioners to understand the challenges facing their vendor risk management programs, examine what they’re doing to meet those challenges, and identify factors that drive their success. 

Key findings from this study include: 

• 81% of respondents claimed that 3/4 of their vendors pass their security questionnaires
• Only 14% of those surveyed trust that third parties security matches responses from their questionnaires
• The typical ratio of vendors to staff reported by TPRM programs is 50(vendors):1(staff)

We hope that you find this study helpful in your work to hold vendors accountable for managing third-party cyber risk well because you can outsource your systems and services, but you cannot outsource your risk.