Gartner defines IT vendor risk management (IT VRM) as the discipline of addressing the residual risk that businesses and governments face when working with external service providers, IT vendors and related third parties. The scope typically addresses risks related to data protection, business continuity, security and other risk domains as relevant to laws, regulation and industry practices.
The compliance third-party risk management (TPRM) solutions market consists of vendors offering technologies to CCOs, among other senior leaders responsible for TPRM, to manage the risks associated with due diligence and/or ongoing monitoring of third-party vendors, distributors, agents, partners or other parties. Products in this market are often capable of supporting a range of TPRM workflows across multiple risk terrains. Risks specifically addressed may include anti-bribery and anti-corruption (ABAC), anti-money-laundering, data management and supply chain, and business continuity risks among others.