Vendor Risk Management (VRM)

Vendor Risk Management is a term often used interchangeably with Third-Party Risk Management (TPRM), though it typically emphasizes procurement and contracting dimensions more heavily. TPRM and Third-Party Cyber Risk Management (TPCRM) cast a wider net across cybersecurity, compliance, operational, and reputational risk.