Third-party risk management frameworks provide organizations with a roadmap to build their TPRM programs based on industry-standard best practices. Popular frameworks such as the National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) can be used as a foundation for building a TPRM program.