The results of the Vendor Risk Management Benchmark Study can be viewed as cause for optimism - or concern, depending on one's view of the world. From a "glass-is-half-empty" perspective, it appears that third-party risk management programs may be stagnating. The survey respondents rated their overall maturity in most of our vendor risk management categories to be virtually identical to levels reported in our 2014 results for the same areas. For those who favor the "glass-is-half-full" point-of-view, these changes may reflect increased knowledge among survey respondents who have gained a greater understanding of vendor risk over the past year.
Regardless of one's perspective, the 2015 survey findings are crystal clear on a crucial point: There is still a lot of vendor risk management work to be done.