You probably already classify third parties based on certain risk indicators - their size, the size of the contract, the types of data they process, their reputation, their ability to provide service continuity, etc.
You may also have regular risk based reviews of some/all of them (but hopefully not relying on these types of reports).
Such risk oversight is often the domain of the CPO or similar. This can lead to a focused risk assessment - and not necessarily spanning the broader enterprise objectives; for leading organisations, however, the management of 3rd party risk is shifting from being reactive and internally focused to being more proactive and customer focused - i.e. ensuring alignment with customer expectations and objectives.
In particular then, does your risk assessment and response consider:
If you partner with a 3rd party (e.g. white labelled products/services), the additional dimension - direct customer contact - could be more important than any of the others.
As a customer focused organisation, you want to ensure that your customers continue to receive the high levels of service (and experience) quality that you are known for and work hard to deliver consistently.
What this means is that your assessment must also consider:
What else do you consider when evaluating customer-facing 3rd party risk?