What is vendor risk management? Vendor risk management (VRM) is the policy of ensuring that the relationship between service providers and IT organizations does not create an opportunity for interruptions in business productivity, profitability, and performance. The VRM process indicates that organizations should consistently monitor, manage, and assess their risk potential from outside vendors and any third-party suppliers that provide IT products, services, and solutions or that have...