Third-party risk management: How to detect and assess high-risk vendors in your business