Identification and management of third‑party risk is a constant challenge for all companies conducting business overseas. At compliance conferences, the speakers up on the dais are almost always from large companies with significant compliance resources, making benchmarking difficult for the compliance stakeholders at mid‑market companies who make up much of the audience. In a guest article, William Semins and David Peet, partners at K&L Gates, provide practical advice for those who feel that the standards set at these conferences and in other venues are unattainable on their limited budgets back home. Semins and Peet explain that, through dynamic risk assessment, resource allocation and communication, mid‑sized firms can effectively manage third‑party risk even with mid‑sized resources. See “Managing Vendor Contracts From the Data Controller's Perspective” (Mar. 31, 2021).