A TPRM practitioner must present a vendor risk portfolio summary to the audit committee. Which structure is most effective?
-
A
A comprehensive listing of every vendor and their individual questionnaire scores
-
B
An executive summary with key risk trends, critical outliers, and recommended actions
-
C
A technical deep-dive into each vendor's security architecture
-
D
A raw data export from the TPRM platform without narrative