Metrics and an effective management strategy are essential for mitigating vendor related risk.
What are the key areas that you think need to be measured for an effective program?
How would you monitor these to ensure that risks are appropriately controlled?