Resource Library
Browse our free resources created by TPRA staff based on industry guidance and best practices to help you build and improve your third party risk management program.
Additional free resources, including assessment and questionnaire templates, are available for all TPRA Practitioner Members. Become a member for FREE to access these awesome materials! Join Now >
Establishing Accountability in Third Party Risk Management
A practical one-page guide to establishing accountability in Third Party Risk Management (TPRM) using the widely recognized Three Lines of Defense model. This resource helps TPRM professionals define roles, responsibilities, and assurance functions that ensure risks are managed effectively and accountability is embedded into organizational culture.
5 Tips for Proactively Managing TPRM Regulatory Compliance
A one-page infographic that helps you cut through the noise and regain control of third-party regulatory compliance—so you're not always stuck reacting when the next audit, breach, or regulation hits.
TPRM 101: Reporting on Residual Risk
Explore how to effectively report and communicate residual risks to decision-makers as the final step in Pre-Contract Due Diligence.
TPRM 101: Risk Escalation and/or Acceptance
This episode explains how to handle risks that cannot be remediated—through escalation, exception handling, or formal acceptance.
TPRM 101: Risk Remediation
Understand how to document, mitigate, and manage risks identified during vendor assessments—before finalizing agreements.
TPRM 101: Risk Identification
Learn how to uncover and categorize risks in a potential third-party relationship as part of the Pre-Contract Due Diligence phase.
Leadership Ladders
This training activity is designed for all current and aspiring leaders within the Third Party Risk Management (TPRM) industry.
TPRM 101: Pre-Contract Due Diligence (PCDD) - Part 1
This video introduces the second phase of the TPRM lifecycle—Pre-Contract Due Diligence—and outlines how to structure this critical stage before onboarding a third party.
TPRM 101: Contract Review
This video unpacks the Contract Review phase of the TPRM lifecycle, guiding practitioners on how to protect the organization by documenting enforceable third-party expectations in legal agreements.
TPRM 101: Program Planning & Oversight
Explore the foundational phase of the TPRM lifecycle—Program Planning & Oversight. This video introduces the core building blocks for establishing a sustainable, enterprise-aligned third-party risk management program.
TPRM 101: What Is Third Party Risk Management (TPRM)?
But before jumping right into the Life Cycle, it is important we first understand the foundations of third party risk management, including basic definitions, risk types, calculating and evaluating risk, and finally, the basics of addressing risk exposure created by your third parties.
Third Party Risk Management (TPRM) 101 Guidebook
TPRA’s TPRM 101 Guidebook is the first comprehensive, community-built resource that walks you through every phase of the third-party risk management lifecycle—with clear guidance, practical tools, and real-world examples from industry practitioners.