- PCI DSS
Globalization of business has changed procurement processes significantly and companies can now source goods and services from vendors across the world. As companies change their procurement strategy from single vendor model to multiple vendor model, they face inevitable vendor risks. For an example your vendor fails to replenish office supplies in lead time or IT vendor's fraudulent business practices impacts your business projects and revenue.
Single sourcing process puts companies at risk by having too much dependence on a single vendor. Multi sourcing model dilutes the accountability and increases risks in collaboration and coordination across the vendor base. In both single and multi sourcing model, vendor risks are high and should be managed and mitigated through risk management approach. Organizations regulated by PCI DSS, BASEL, HIPAA, SOX and other regulations have to ensure that vendors accessing their assets and systems should be compliant with regulations.