David England's blog

Breathing New Life into Traditional Vendor Management

Vendor risk management is part of effective governance.

SIG University Certified Third Party Risk Management Professional (C3PRMP) Program graduate David England has noticed a decline in vendor management teams. He shares his thoughts on how the adoption of third-party risk management strategies by vendor management teams can help position them as a key asset and reverse their decline.

In the C3PRMP program, students focus on best and emerging practices to identify, assess, manage and control third-party risk throughout the lifecycle of relationships, and learn how to align risk fundamentals and frameworks with risk culture to develop the essential tools and controls for effective governance.


There is a growing awareness within the mainstream business community of the importance associated with effective third-party risk management – a capability that has been nicely incubating and maturing within heavily regulated industries, such as banking and financial services, for eons. This increased exposure and attention could be just what is needed to revitalize the flagging vendor management movement.

Many F500 organizations have well-established vendor management capabilities that spawned several decades ago with the onset of strategic process outsourcing and continue today as an effective operational strategy. Many organizations I have consulted with over the past 15 years benefit from these capabilities, which has helped them achieve the value intended from these important vendor relationships. These key capabilities include:

David England, Director, Governance Services at ISG