Extend your data inputs

Assessing vendor risk solely on the basis of excel questionnaires is a thing of the past. Our approach is a holistic one, where information from external data sources as well as vendor submitted information is available at the time of assessment. We’ve partnered with data breach news outlets, web application scanning companies and business health risk tools to provide a holistic picture of a vendors’ security posture.

 

With all the right information you can streamline your vendor assessment process and turn on recurring review cycles. 90-60-30 days out of an assessment date, the vendor will be notified of expiring documents giving them enough time to make the changes before the assessments start date.  

Data Feeds and Integrations

Our tool has several prebuilt integrations and connectors, and supports third-party content providers and standards (SIG, CSA). A holistic vendor assessment should go beyond just point in time excel spreadsheet questionnaires, and include the power of web application scanning tools, business health risk scoring and monitoring of security certifications and insurance certificates.

 

To accurately understand the risk of each vendor, you can customize the scoring of internally collected assessment questionnaires, web application scanning scores and submitted vendor information. The vendor’s TrustScore is the culmination of risk scores, weights and averages of what’s most important to your organization when assessing vendor risk. This creates a standard for understanding and communicating risk across the organization. 

Real-time notifications

What happens when changes occur or a new process is implemented at the vendor that shores up a gap? With real-time notifications around vendor activity, you will be up to date on how they’re improving their security posture.

Whether it be a change to an answer in a questionnaire, an updated security policy / document, or completed a needed remediation item you will receive real-time notifications.

 

“We receive breach notifications, a security scorecard for the vendor and also notifications regarding any documentation that might be expiring. We can easily setup the vendor for defined review cycles.”

Information Business Liaison, Trustmark Companies

Discover how to use a holistic approach to vendor risk management