Analyst Insight: The Gartner® Market Guide for IT Vendor Risk Management Solutions

How a Global Insurance Company Increased Supply Chain Risk Assessment Coverage by 85%

Discover how one of the world's largest insurance companies increased risk visibility over hundreds of suppliers and strengthened executive confidence in their supply chain risk posture.
July 15, 2021
Case study global insurance 0621

One of the largest insurance companies in the world was faced with an inconsistent, manual approach to assessing supply chain partners, which restricted visibility and increased security risks. By implementing the Prevalent Third-Party Risk Management Platform and leveraging Prevalent Vendor Risk Assessment Services, this under-resourced team exceeded its goals and achieved a measurable return on investment.

The Challenge: Assess Hundreds of Suppliers with Limited Resources

A global insurance company with over 500 suppliers was struggling with an inconsistent, manual approach to conducting third-party risk assessments. Because the process was spreadsheet-based, the team of three people responsible for vendor risk assessments at the time was not able to scale their program to assess new suppliers.

The assessment team was also challenged to adapt their ISO-based questionnaire to the organization’s specific needs – without burdening assessors with excessive interpretation requirements.

The Solution: Prevalent Vendor Risk Assessment Services

The company chose Prevalent to address their supplier assessment challenges. Prevalent’s Vendor Risk Assessment Services helped to establish a consistent and repeatable assessment process, build a standardized questionnaire to gather necessary data, and centralize all suppliers in the Prevalent Platform.

First, Prevalent utilized the profiling and tiering capabilities available in the Platform to identify 50 critical, tier-1 and tier-2 suppliers out of the total population. Prevalent then augmented the existing team by collecting all assessment data from these critical suppliers in under four months, markedly streamlining supplier collaboration.

Next, Prevalent conducted remote reviews to validate the assessment responses and controls reported by suppliers. Finally, the Prevalent ROC team met regularly with the client team to ensure assessments were on track, that key performance indicators (KPIs) were being met, and that the company’s risk assessment processes were continually maturing. “We haven’t experienced that level of partnership before,” said the company’s information security advisory services manager. “Prevalent’s level of engagement was out of this world.”

Having this solid foundation in place has enabled the team to expand their supplier risk management initiatives. Because they have Prevalent managed services to support them, they can now:

  • Reduce outside consultancy spend and shift budget in-house.
  • Map their entire Nth-party supply chain using the Prevalent solution’s relationship mapping capability, which is especially helpful for insurance industry regulators that need information about supplier impacts when incidents occur.
  • Connect the dots on incident management among suppliers by incorporating additional supply chain threat intelligence and layering in threat monitoring and threat management.
“Prevalent really cares, and the ROC team is exceedingly responsive. Sometimes, when you’re dealing with a large company, you’re just a number. With Prevalent, we don’t feel like that at all. They are a stakeholder in our success.”
Information Security Advisory Services Manager

The Results: 85% Improvement in Supplier Risk Assessment Coverage

The company has seen tremendous return on their investment with Prevalent. They now have a third-party risk management platform that fits their needs, managed services to help them with process and scale, and the knowledge and skills needed to bring supplier risk assessments back in-house.

With Prevalent’s support, the team is now able to assess 800 suppliers with an expanded team of five. They have also improved their supplier assessment coverage from 30% to 100% of tier-1 suppliers, 80% of tier-2 suppliers, and 70% of tier-3 suppliers – amounting to an 85% overall improvement.

Benefits Summary

  • Implemented a consistent, repeatable and scalable third-party risk management program
  • Achieved 100% coverage of critical, tier-1 suppliers
  • Improved supplier coverage by 85%
  • Increased executive confidence in supply chain risk posture
“To achieve that level of coverage in less than a year is nothing short of amazing. With Prevalent, our leadership team is now more comfortable with our supply chain risk posture. We can now sit down and have an informed discussion on where to focus our risk management and remediation efforts."
Information Security Advisory Services Manager

Next Steps

Interested in hearing how we've helped other organizations? Read about our TPRM solutions for insurance companies, and discover more Prevalent success stories in our customers and case studies section. Want to discuss whether Prevalent may be a fit for you? Request a demo today!


Prevalent takes the pain out of third-party risk management (TPRM). Companies use our software and services to eliminate the security and compliance exposures that come from working with vendors and suppliers throughout the third-party lifecycle. Our customers benefit from a flexible, hybrid approach to TPRM, where they not only gain solutions tailored to their needs, but also realize a rapid return on investment. Regardless of where they start, we help our customers stop the pain, make informed decisions, and adapt and mature their TPRM programs over time.

  • Ready for a demo?
  • Schedule a free personalized solution demonstration to see if Prevalent is a fit for you.
  • Request a Demo