What is 'vendor tiering' in the context of third-party risk management?
-
A
Ranking vendors by the length of their contracts
-
B
Categorizing vendors by their geographic location
-
C
Classifying vendors into risk levels to allocate due diligence and monitoring resources proportionally
-
D
Sorting vendors alphabetically for administrative ease