Chief security officer Jerry Archer says risk mitigation should begin before your company closes the deal. Sallie Mae has a go or no-go vote for any vendor it brings on. Archer contends relationships are key to vetting potential vendors. The company has more than 200 vendors total, and not a single tool is onboarded by any department without securitys approval. Good security process documentation is key, Archer says. The key is to get a level of assurance that they have documentation and people that can speak to that.”]