For those of us in the IT industry, the debate about third-party due diligence ended two years ago when the Department of Justice (DOJ) prosecutors and members of the Securities and Exchange Commission staff publicly pronounced that the use of channel partners was the biggest risk to IT companies, “bar none.”

Of course, the risk is not limited to IT companies. Increasingly, enforcement authorities recognize the importance of conducting adequate due diligence on third parties, regardless of industry.