What is the term for risks arising from the use of third-party vendors?


The term for risks arising from the use of third-party vendors is third-party risk. This type of risk emerges when an organization relies on external entities for products, services, or processes. Such reliance can introduce vulnerabilities associated with the vendor's reliability, security practices, compliance with regulations, and overall operational effectiveness.

Organizations must assess third-party risk to understand how these external relationships could impact their operations, security posture, and compliance obligations. Effective third-party risk management includes evaluating the vendor's risk profile, conducting due diligence, and establishing security and performance criteria within contracts to mitigate potential dangers.

Operational risk generally refers to risks arising from internal processes, people, or systems that can lead to operational failures, while compliance risk pertains to the possibility of failing to meet legal and regulatory requirements. Credit risk is associated with the possibility of loss due to a borrower's failure to repay a loan or meet contractual obligations, which does not directly relate to vendor relationships. Because the question concerns risks tied specifically to third-party engagements, third-party risk is the term that fits.
