In this Dover case study we discuss switching to a TPRM process automation & workflow management platform like ThirdPartyTrust with our customers, Tim Bradley, Director, Cyber Security Risk Management, and Swapna Rane, Cyber Security Risk Management Lead, Dover Corporation.
Dover Corporation is a diversified global manufacturer that delivers innovative equipment and components, consumable supplies, aftermarket parts, software, digital solutions and support services.
With 60 years of history and approximately 24,000 employees, Dover interacts with hundreds of third-parties, and the team was finding the process of third-party risk management too time consuming.
The Search for a TPRM Tool
Third-party risk management is a complex space, with many products and services spread throughout the organization. Managing all third-parties can consume lots of resources and time, so every decision is strategic about automation and saving resources. Tim Bradley, Director, Cyber Security Risk Management at Dover Corporation, needed a cost effective solution, as automated as possible, in order to reduce the manual efforts, the duplicated tasks, and the back & forth via email and phone.
As told by Mr. Bradley, most of the other TPRM platforms they evaluated were either not cost effective, or they required too much manual intervention. So what brought value to the table in the ThirdPartyTrust platform was the fact that it would take away a lot of that off the team’s plate.
Swapna Rane, Cyber Security Risk Management Lead, stated: “We did a PoC that assessed 25 third-parties, and we really liked what the tool had to offer. The team at ThirdPartyTrust has been extremely professional to work with, and they’re always continuing to improve the platform”.
Usability at its Best
When asked about usability, the team highlighted the ease of use and the ability to have a quick view of the overall health of the vendor ecosystem. With a custom set of labels, the system determines the requirements for each third-party, so they just need to log in and go through the watchlist. It’s also very easy to get in touch with the third-party and report findings on the questionnaires, certifications, insurances, etc.
Automation has greatly reduced the manual efforts and the overall assessment process is now finished much quicker. There’s also room for internal collaboration, with more ownership from the internal client who submits the intake form and initiates the process.
Another advantage of having a cloud based platform is encryption, which is a big concern for security leaders. A lot of companies still share sensitive documentation via email and rely on the recipient to encrypt and safely store that document. However, ThirdPartyTrust offers a secure platform to exchange documentation, which is encrypted in transit and also stored safely.
Having consolidated the third-party risk management process, the team is thinking about bringing in 20 Dover subsidiaries to the platform, so the number of vendors managed through ThirdPartyTrust is about to increase dramatically.
As closing words, Mr. Bradley summed up: “I would recommend ThirdPartyTrust because it’s cost effective, vendor friendly, delivers quality assessments, and the level of automation greatly reduces our overall resource time”.
To learn more about how ThirdPartyTrust can help you streamline your TPRM program, request your free trial now: