Supported by a Group of Industry Leaders, Open VRM Launches a New Zero-Cost Standard for Vendor Risk Management in the Financial Services Industry

Supported by a Group of Industry Leaders, Open VRM Launches a New Zero-Cost Standard for Vendor Risk Management in the Financial Services Industry

The Only Platform Free for Vendors, Free for their Clients

At the 2023 T3 Conference, Open VRM announces the launch of a new zero-cost standard for vendor due diligence management. Unlike traditional VRM software, Open VRM provides vendors with a free, open environment to populate, manage and share a pre-vetted security questionnaire and compliance evidence documents in one private location. Clients of vendors access the Vendor Directory with confidence to request access to vendor due diligence information. Open VRM drives faster collaboration between vendors and clients in an ever-growing cyber regulatory world.

Third-party risk management programs have generated more visibility with Management and Boards. Gartner states that “Third-party risk was identified as a top threat by compliance leaders. In fact, 83% of executives said that third-party risks were identified after initial onboarding and due diligence. 71% of organizations report that their third-party network contains more Vendors than it did three years ago. The rapidly changing business environment demands new approaches to third-party risk management that account for the new ways that organizations rely on third parties to advance business goals.”

Open VRM is spearheaded by Cyber Program Management System Buckler with oversight from an active Advisory Board of partners across Cybersecurity, Compliance, IT, and Legal Counsel.

The members of the Open VRM Advisory Board are:
• Joel Bruckenstein, T3 Technology Tools for Today
• John Cooney, Cybersecurity Counsel
• Brian Edelman, CEO, FCI, MSSP
• Vincent Guyaux, Founder & Chairman, Buckler, Cyber Program Management System
• Ken Leibow, CEO, Insurtech Express, Technology Resource
• Paul Osterberg, CEO, Security Basecamp, Cyber Compliance Services
• Stephen Simons, CEO, Restyn, MSP
• Greg Wilson, CISO, Putnam Investments, Wealth Management

Collectively, the group saw a disconnect between rules, guidance, and laws coming down from multiple regulators and the ability of Vendors and their Clients to manage the Vendor Risk Management requirements effectively.


The Open VRM Vendor Directory has more than 600 vendors already listed with their publicly available information. They are now invited to join the Directory, answer a questionnaire and upload compliance evidence documentation.

About Open VRM
Open VRM (Vendor Risk Management) offers the Financial Services industry a new standard for vendor due diligence management. Unlike traditional VRM software, Open VRM provides vendors with a free, open environment to populate, manage and share a pre-vetted security questionnaire and compliance evidence documents in one private location. Clients of vendors access the Vendor Directory with confidence to request access to Vendor due diligence information. Created by Buckler with oversight from an Advisory Board that includes cybersecurity compliance experts, Open VRM drives faster collaboration between vendors and clients in an ever-growing cyber regulatory world.

Comments are closed.