PLEASE NOTE: On 20 July, the ISACA website will undergo a planned outage to launch a new Store experience with improved usability and easier access to career-advancing resources.

ISACA logo
  • Shop
    Cart ()
  • Get support
  • Credentialing
  • Membership
  • Enterprise
  • Partnerships
  • Training and Events
  • Resources
Need help? Get support
© 2026 ISACA
  • Certifications
    • CISA – Certified Information Systems Auditor
    • AAIA – Advanced in AI Audit
    • CISM – Certified Information Security Manager
    • AAISM – Advanced in AI Security Management
    • CRISC – Certified in Risk and Information Systems Control
    • AAIR – Advanced in AI Risk
    • CCOA – Certified Cybersecurity Operations Analyst
    • CGEIT – Certified in the Governance of Enterprise IT
    • CDPSE – Certified Data Privacy Solutions Engineer
    • CCA – CMMC Certified Assessor
    • CCI – CMMC Certified Instructor
    • CCP – CMMC Certified Professional
    • LCCA – Lead CMMC Certified Assessor Designation
    • CET – Certified in Emerging Technology Certification
    • CSX-P – CSX Cybersecurity Practitioner Certification
    View all
  • Certificates
    • AI Fundamentals
    • Blockchain Fundamentals
    • Cloud Fundamentals
    • COBIT 19 Foundation
    • COBIT 2019 Design & Implementation
    • COBIT 5 Certificates
    • Cybersecurity Audit
    • Cybersecurity Fundamentals
    • Data Science Fundamentals
    • Digital Trust Ecosystem Framework Foundation Certificate
    • IoT Fundamentals
    • IT Audit Fundamentals
    • IT Risk Fundamentals
    View all
How can we help?
  • Find the right certification
  • Navigate Career Journey
  • Maintain or renew a certification
  • Verify a certification
  • Find the right certification
  • Navigate Career Journey
  • Maintain or renew a certification
  • Verify a certification
Trusted Partner for the DoW's CMMC Program ISACA now serves as the official CAICO.
  • About Membership
    • Member Benefits
    • Membership Types
    • Browse Chapters
  • Get Involved
    • Advocacy
    • Author an Article
    • Chapter Events Calendar
    • ISACA Awards
    • SheLeadsTech
    • Volunteer
  • Maximize Your Membership
    • Career Center
    • Discounts & Savings
    • Free CPE
    • Free Resources
    • Member Experience Leadership Series
    • Mentorship
  • Engage Online Community
What would you like to do?
  • Join today
  • Earn free CPE
  • Browse chapters
  • Volunteer
  • Join today
  • Earn free CPE
  • Browse chapters
  • Volunteer
Personalize your Experience Update your ISACA profile today.
  • Performance Improvement Solutions
    • CMMI Performance Solutions
    • CMMI Cybermaturity Assessment Platform
    • Medical Device Program
  • CMMI Appraisal Results
  • Team Training
    • Skills and Credentials
    • CMMI Training and Certification
  • License Enterprise Training
  • Enterprise Support
  • Contact Us
Empower Your Team to Empower Business Growth Customize your IT team training with ISACA.
  • Become a Partner
    • Accredited Training Organization
    • CMMI Partner
    • Academic Partner
    • CMMC Approved Training Provider (ATP)
    • Sponsor
    • Global Sponsors
  • Become an Enterprise Practitioner
    • Medical Device Appraiser
    • CMMC Certified Assessor (CCA)
    • CMMC Credentialed Instructor (CCI)
    • CMMI Certified Individual
Need to find a training partner
  • Certification Training Partners
  • COBIT Training Partners
  • Academic & Workforce Partners
  • CMMI Performance Improvement Partners
  • Certification Training Partners
  • COBIT Training Partners
  • Academic & Workforce Partners
  • CMMI Performance Improvement Partners
Over 100,000 People Were Trained By ISACA in 2022 Become a Partner to capitalize on this demand.
  • Conferences
    • GRC Conference
    • ISACA Europe Conference
    • ISACA North America Conference
    • ISACA Virtual Conference
    • Student Summit
    • CMMI's Capability Creates
    • Call for Speakers
  • Training Week
  • Virtual Workshops
  • Training by Type
    • Virtual Summits
    • Webinars
    • Online Review Courses
    • Session Recordings
  • Training from an Accredited Partner
  • Training by Topic
    • All Training Topics
    • Artificial Intelligence
    • Cybersecurity
    • IT Audit
    • Certification Exam Preperation
    • Cobit
What would you like to do?
  • Earn CPE
  • Find Team Training
  • Explore Virtual Workshops
  • Find Chapter Events
  • Earn CPE
  • Find Team Training
  • Explore Virtual Workshops
  • Find Chapter Events
ISACA’s Featured Training for July: 15% OFF IT Risk Online Review Course.
  • ISACA Resources
    • Digital Trust
    • ISACA Journal
    • Frameworks, Standards & Models
    • Insights & Expertise
    • ISACA Podcast
    • Videos
    • News & Trends
    • ISACA Now Blog
  • Engage Online Communities
  • COBIT
  • Resources by Topic
    • Artificial Intelligence
    • Cybersecurity
    • Emerging Technology
    • Governance
    • IT Audit
    • IT Risk
    • Privacy
  • Glossary
What can we help you find?
  • ISACA Now Blog
  • White Papers
  • Audit Programs
  • ISACA Now Blog
  • White Papers
  • Audit Programs
ISACA's IT Audit Framework The newest edition is now available.
HomeResourcesWhite PapersAudit Oversight for Onboarding Vendors
WHPAOO
Whitepaper

Audit Oversight for Onboarding Vendors

It’s a reality of modern business that organizations need to outsource certain business activities to vendors. Without vendors, organizations would be left to fill gaps created by the need for specialized knowledge, the desire to increase revenue, or lower costs. This approach isn’t financially feasible or sustainable in the long-term. So, organizations (regardless of size and industry) trust vendors to meet these business needs. In a recent poll, Deloitte Development LLC noted that 71% of respondents stated a moderate to high level of reliance on vendors.

Businesses know that each new vendor adds an element of risk. Regulators also recognize vendor risk and have been a catalyst to drive businesses toward a standardized process for vetting new partners. Standardization includes a solid onboarding process that is part of a mature effort to establish, refine, and improve vendor oversight controls. But having the process isn’t enough. Businesses must rely on audit to confirm they’re engaging with the right vendors in the right ways. This whitepaper provides actionable takeaways for auditors to provide oversight over vendor risk management and vendor onboarding.

Download
ISACA logo

1700 E. Golf Road, Suite 400, Schaumburg, Illinois 60173, USA  |  +1-847-660-5505

  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • Support
    • Contact Us
    • Fraud Reporting
    • Bug Reporting
  • Careers
    • Career Journey
    • Career Center
    • Careers at ISACA
  • About Us
    • Who We Are
    • Newsroom
    • Participate & Volunteer
    • Leadership & Governance
    • Advocacy
    • ISACA Foundation
    • Code of Professional Ethics
  • Join / Renew
    • Renew
    • Professionals
    • Recent Graduates
    • Students
  • Credentialing
  • Membership
  • Enterprise
  • Partnerships
  • Training & Events
  • Resources
  • Bug Reporting
  • Contact Us
  • Terms
  • Privacy
  • Cookie Notice
  • Cookie Settings
  • Fraud Reporting

©2026 ISACA. All rights reserved.