Vendor Risk Management

Vendor risk management is a strategic requirement as organizations turn to vendors and service providers to meet requirements of GLBA, BITS and PCI, to protect supply chain from disruptions, reduce operating costs, and improve core competencies. TrustedAgent provides a risk-based, repeatable approach to evaluate vendor performance, identify and track vendor risks and agreed-upon corrective actions, manage remediation, supporting evidence and correspondences, and plan ongoing vendor re-assessments.

Highlighted Features supporting Vendor Risk Management

• Repository for Vendor Risk Management :: Track key vendor audit and risk performance metrics including artifact statuses, and completion and expiration dates. Upload and maintain vendor artifacts and correspondences to support ongoing compliance.
• Planning and Implementing Vendor Risk Assessment :: Review past performances and plan vendor audits accordingly. Define vendor assessment based on predefined controls to ensure consistency of practice. Track compliance to selected controls and document deviations for non-compliant controls.
• Vendor Risk Identification and Remediation Management :: Create and track vendor findings to support ongoing reviews. Capture vendor corrective actions and milestones along with any periodic updates provided from the vendor. Ensure completeness in remediation of identified risks.
• Management of Vendor Documentation :: Manage the ongoing verification and review of vendor's submitted documentation for validity.
• Vendor Risk Notification and Reporting :: Assist key contacts with real-time and scheduled notifications of remediation activities. Leverage visual dashboard to provide high level and detailed views to risk metrics, assessment compliance, findings, and corrective actions in both real-time and as trends over time.

Back to top