Third-Party Risk Management (TPRM) & Procurement

In many cases, purchasing goods and/or services from third-parties (i.e. suppliers/vendors, service providers, etc.), carries risks that may negatively impact UCLA. Third-party risk management (TPRM) focuses on identifying and reducing these risks.

The UCLA TPRM process includes specific assessments to evaluate third-party programs and practices to evaluate and minimize associated risks. 

Specific areas addressed under TPRM include Digital Accessibility, Information Security and Data Privacy.

Assessment Submission Process

Due to UCLA’s internal structure, the process is determined by your department’s classification as non-Mednet or Mednet.

To learn more about TPRM, including training and updates, view the resources below: