Prevalent TPRM Platform v3.18 Introduces Risk Relationships & Improves Vendor Monitoring

Enhancements ensure proper context and visibility in third-party risk management assessment and monitoring.
By:
Alastair Parr
,
Senior Vice President, Global Products & Delivery
May 26, 2020
Share:
Video risk relationships 0520

We're excited to announce the v3.18 release of the Prevalent Third-Party Risk Management Platform, which includes new capabilities for defining and diagraming risk relationships. In conjunction with this update, we’re also releasing v2.1 of Vendor Threat Monitor, which includes filtering, reporting and alerting enhancements.

Risk Relationships Add Context to Compensating Controls

To effectively manage risk, you need to understand compensating controls (i.e., alternate measures you can take to fulfill a requirement). After all, an identified risk might not represent an actual threat if there is a compensating control in place to mitigate it.

However, most third-party risk management platforms and frameworks (such as ISO27001, NIST, CMMC, etc.) look at controls in isolation and can lack context for compensating controls, which can make it difficult to determine the best course of remediation.

Prevalent Platform v3.18 addresses this issue by introducing risk relationships – a clear, easy way of seeing associations between risks. This new capability ensures that you have the proper context when determining whether risks should be addressed directly or by applying compensating controls.

How risk relationships work

Risk relationships are defined in the Prevalent TPRM platform. If a vendor assessment response raises a relevant risk or risks, then the platform will automatically generate and display any applicable risk relationships.

This new capability enables customers to:

  • Define and customize risk relationships with multiple attributes
  • Automatically identify risk relationships for both historical and current assessments
  • Review, search and filter all risks and their relationships
  • Manually create risks if necessary
Prevalent v3.18 Risk Relationships

The new Related Risks capability enables reviewers to define rules for compensating controls and view relationships between risks.

Filtering, Alerting and Reporting Enhancements in Vendor Threat Monitor Ensure Complete Risk Visibility

Since unveiling the first full-featured, natively integrated third-party risk assessment and monitoring solution in September 2019, we have released continual enhancements to deliver 360-degree visibility into third party risk. Version 3.18 builds on this momentum with Vendor Threat Monitor v2.1 improvements including:

  • Interface enhancements enable users to centrally track cyber and business risk monitoring status. Users can view monitoring status by vendor and sort results by score for fast risk identification and remediation.
  • New email notification capabilities increase efficiency and visibility with daily summaries of high-risk events triggered by cyber and business monitoring.
  • Advanced threat event filtering allows teams to zero-in on critical risks. Filters include event type, priority, date range, and threat category.
  • A new executive report clearly displays threat events and risk scores for each vendor (or other monitored entity).
Prevalent v3.18 Threat Monitoring Executive Report

New executive reports display an overview of risks by type and severity, while allowing reviewers to drill down to risk details for scoring verification and validation.

I hope you're as excited as we are about these enhancements! For more information on this release, please see the What’s New document or read the Release Notes on the Prevalent Customer Portal.

Tags:
Leadership alastair parr
Alastair Parr
Senior Vice President, Global Products & Delivery
Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He joined Prevalent from 3GRC, where he served as one of the founders, and was responsible for and instrumental in defining products and services. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years’ experience in product management, consultancy and operations deliverables. Earlier in his career, he served as the Operations Director for a global managed service provider, InteliSecure, where he was responsible for overseeing effective data protection and risk management programs for clients. Alastair holds a university degree in Politics and International Relations, as well as several information security certifications.
  • Ready to get started?
  • Schedule a personalized solution demonstration to see if Prevalent is a fit for you.
  • Request a Demo