Vendor Risk Management (VRM)

In the current technological environment, vendors are not only helpful but are sometimes required to run certain aspects of many businesses. At the same time, each of your vendors presents a unique risk to your organization, whether it’s information security or the availability of your company’s product or service. Understanding and managing this vendor risk is a key component of any truly effective security program. LBMC Information Security uses a business-centric and tailored methodology that includes:

  • Reviewing and analyzing your existing VRM program and making recommendations for improvements
  • Collaboratively develop vendor survey questionnaires and an improved risk assessment approach
  • Executing proof-of-concept assessments on a sample of vendors using LBMC Information Security’s proprietary risk assessment tool, BALLAST
  • Conducting assessments on the agreed upon vendor population

With these best practices in place, you can maintain and scale your third-party vendor risk management program.

Executive Team

Link to Mark Vendor Risk Management

Mark Johnson

Shareholder, Information Security

phone icon email icon Nashville
phone icon email icon Nashville
Link to Matt Vendor Risk Management

Matt Sadler

Senior Manager, Information Security

phone icon email icon Nashville
phone icon email icon Nashville
Link to Robyn Vendor Risk Management

Robyn Barton

Senior Manager, Information Security

phone icon email icon Nashville
phone icon email icon Nashville
Link to Brian Vendor Risk Management

Brian Willis

Senior Manager, Information Security

phone icon email icon Nashville
phone icon email icon Nashville