Regulations including Basel II, SOX, PCI-DSS, HIPAA, GLBA and FFIEC guidelines, among others, mandate that risk-management policies extend to third-party vendors. There are ...