Silos are the bane of every organization’s existence. This is especially true in vendor risk management, where siloed intelligence can severely limit your risk visibility. Our latest releases, Prevalent TPRM Platform v3.20 and Vendor Threat Monitor v2.3 are all about knocking down these silos with new sources of vendor risk intelligence.
The new releases deliver:
Gaining regular views into the financial and credit health of your top-tier vendors can provide proactive insights into whether or not they are viable or could present possible future supply chain disruptions. Sourcing the lowest-risk solutions for your organization can be complicated and risky without a clear picture of the vendor’s financial and credit history.
Prevalent Vendor Threat Monitor v2.3 introduces financial reporting, enabling the monitoring of credit scores and financial risks for organizations within North America alongside the cyber and business risks already available in the solution. This new capability taps into financial information from a global network of 365 million businesses, and accesses five years of organizational changes and financial performance – including turnover, profit and loss, shareholder funds, and more. This enhancement enables companies to screen new vendors, monitor their existing vendors beyond typical cyber risks, and evaluate vendor health for more informed sourcing decisions.
The new financial profile includes credit summary information and registration data for all monitored entities.
Many organizations struggle to correlate vendor information housed in multiple tools outside of the vendor risk management system (e.g., in a D&B Hoovers database or procurement platform). To properly manage a vendor from cradle to grave, it’s necessary to centralize all important information into a single, authoritative source.
With TPRM Platform v3.20, Prevalent has introduced a redesigned entity profile page with a new feed that presents valuable company-specific information – such as head office location, ownership, revenue, SIC code, and fiscal year end – alongside centralized assessment status, upcoming submissions, risks and tasks, and mapping of fourth parties used by the vendor. This new entity page delivers a complete view of a vendor’s key details, helping you gain greater visibility and reducing the time required to manage vendors.
The new entity profile provides a consolidated view of entity activity.
Available for download in a pdf summary format, it’s simple to share a complete snapshot of each vendor with internal or external stakeholders.
New exportable PDF reporting from the entity profile page makes sharing key details about vendors with multiple stakeholders a snap.
The Prevalent Third-Party Risk Management Platform was the first solution to fully integrate the results of assessments with native continuous monitoring for a complete 360-degree view of vendor risk. With v3.20, Prevalent has extended the sources of continuous monitoring by introducing the ability to import BitSight summary risk data into the Prevalent Platform. With this integration, existing BitSight customers can:
The overall BitSight score and domain scorings can also be integrated into the Prevalent Vendor Threat Monitor (VTM) monitoring profile, enabling customers to augment the cyber risk data gained from BitSight with the business and financial risk data from Prevalent VTM. This integration extends the sources of cyber monitoring intelligence available to customers in the Prevalent Platform, and enables BitSight customers to gain a complete and integrated TPRM solution. Learn more in the BitSight Connector data sheet.
BitSight ratings are presented alongside VTM data, providing a consolidated view of potential risk with the ability to drive remedial actions.
For more information on this release – including addition enhancements to ActiveRules, and answer-by-answer questionnaire review – please see the What’s New document or read the Release Notes on the Prevalent Customer Portal.
Prevalent Platform v3.24 enhances customer-third party collaboration and introduces technology concentration risk capabilities.