Vendor Risk Management


The effective management, use and monitoring of vendors and third parties for goods and services is critical to the success of every business. We support our customers with consulting on industry typical and best practices in managing their vendor relationships as well as vendor audits to help ensure processes are sufficiently designed to minimize risk of billing errors, service quality or fraud, and to identify potential overbillings for recovery.


Stinnett’s VRM Services team are experts at analyzing policies and procedures to help ensure our clients are effectively managing the risks associated with third-party vendor relationships. These include analyzing functions such as:

  • Vendor contract management, including bidding and contract awarding policies plus key inclusions in vendor contracts to minimize exposure
  • Vetting and approval of vendors
  • Invoice monitoring and verification processes
  • Procurement and materials inventory management practices
  • Regulatory compliance considerations
  • Ethics guidelines for employees and vendors
  • Routine and ongoing vendor auditing
  • Cybersecurity


For specific vendor audits, we start with a comparison of selected detailed invoices to the agreements and approved rate sheets to confirm charges are legitimate and accurate. Typical vendor audits also include an onsite visit to the vendor’s site to perform activities such as:

  • A review of vendor expense records for potential ethics issues like inappropriate gifts or trips
  • Verification that vendor employee-related charges (including per diems) were accurate and legitimate
  • An analysis of the vendor’s cash disbursement journal for payments to the company or the company’s employees
  • A review of the vendor’s accounts receivables entries for “no charge” or deeply discounted services
  • A review of the vendor check register and/or bank statements to determine if any payments were made directly to company employees
  • Confirmation that materials and equipment charges on invoices are legitimate
  • Changes to rates or the scope or timing of work was properly communicated by the vendor and approved

We believe in identifying the root cause or contributing factors for any identified vendor issues. That’s why our vendor audits include recommendations on potential improvements to vendor management practices that can help reduce the risk of exposure to similar issues occurring in the future.


A critical component of our vendor audits is identifying potential overcharges and cost recovery opportunities. In addition to the obvious benefit of recovered funds, we believe cost recovery analysis is beneficial to ensure a company not only limits its exposure to excessive or inaccurate construction costs, third-party billings and vendor payments, but also identifies opportunities to maximize cash flow. While identifying potential cost recovery opportunities, we assist our clients in finding the root causes which gave rise to cost recovery situations and provide recommendations on possible control improvements to reduce the likelihood of these recurring.

The nature and approach of our cost recovery analysis depends upon the client’s exact needs and can include the identification of:

  • Duplicate vendor payments
  • Markup charges are valid and in accordance with agreed upon terms
  • Identification of vendor “ghost” employees or employee overcharges
  • Missed discount opportunities to improve cash flow
  • Inaccurate or inappropriate sub-contractor related billings
  • Inappropriate or inaccurate rates, quantities and other items on third-party invoices
  • Overpayments of erroneous or unapproved overtime hours
  • Excessive vehicle mileage charges
  • Incorrect or unauthorized per diem payments

Contact us

Jeff Dehart, CIA, CISA, CBCP, CFE
Jeff Dehart, CIA, CISA, CBCP, CFE
Principal, Vendor Risk Management


Office(s): Oklahoma City and Dallas