Customizable Third-Party Assessments
Not All Assessments are the same
While some third-parties handle your customers’ PII, others have access to your facilities. Different risks arise and therefore, different questions need to be asked.
ThirdPartyTrust makes it easy to scale custom assessments to hundreds of third-parties, so you can collect the right information based on the risk level.
Collect Documents Based on Risk
You can increase the number of assessments done per year with the required documentation feature. Requirements can consist of:
- Cyber Liability/ Data Privacy, Errors and Omissions, and Directors and Officers and other insurances
- Certifications such as HIPAA, ISO 27001 and PCI DSS
- Customized or Industry Standard Questionnaires
- Attestations such as penetration testing, application scans and general security audits
You can also require your third-party to add their most critical vendors to the platform through a manual process. This is called a fourth-party vendor.
Tracking, Sorting and Segmenting
Teams can develop a system of labels, rules and filters to manage the overall approval process. Completion is then mapped in a status bar for everyone to see.
Filters allow to drill down to the third-parties that need attention sooner rather than later, and you can also use the labeling system to develop requirement rules around regulation, risk tiers and scores.
The overall process to integrate vendors is simple