Analyst Insight: The Gartner® Market Guide for IT Vendor Risk Management Solutions

RFx Management: The First Step in the Third-Party Risk Lifecycle

Our new RFx Essentials solution automates, centralizes, and adds risk intelligence to vendor selection decisions, with native contracting and due diligence integration.
Scott Lang
VP, Product Marketing
June 02, 2022
Blog rfx essentials 0622

Consider a common purchasing scenario: A procurement manager is engaged by a line-of-business team to help source and evaluate a new IT solution for the enterprise. That activity will likely involve the procurement manager convening an internal team of potential users, gathering and finalizing technical and business requirements, developing a scoring model, and identifying vendor candidates.

Once the vendors have been identified, the procurement or sourcing manager will invite them to complete a (usually spreadsheet-based) request for proposal (RFP). Procurement will send multiple emails to multiple vendors, answer seemingly endless questions, gather responses, and collate answers to enable comparison.

Then, the procurement and sourcing manager will work with the line-of-business team to evaluate and compare vendor responses based on the technical and business requirements, and select a final candidate. Once the vendor is notified, procurement moves to negotiate the contract and pricing, and the vendor relationship begins.

The Problem with Existing RFx Approaches

This scenario all too common in enterprises today. Teams utilize a highly manual process focused solely on determining whether the solution is fit for purpose and fit for use. However, they often ignore the potential risks that a new vendor could introduce into their environment until after the contracting process has begun (or worse, after it’s completed). This raises a clear need for:

  1. Automation to simplify and speed the evaluation process
  2. Intelligence to match a vendor’s risk with the organization’s risk appetite

The problem is, there have been few options available that enable teams to efficiently accomplish both objectives. Until now.

Introducing RFx Essentials: Strengthening Vendor Selection Processes with Automation and Intelligence

Today, Prevalent is announcing RFx Essentials, a SaaS solution that centralizes and automates the distribution, comparison, and management of requests for proposals (RFPs) and requests for information (RFIs). RFx Essentials makes it easy for procurement teams to not only select solutions and vendors that meet your organization’s functionality and risk requirements, but also take a critical first step in managing risk throughout the third-party lifecycle with built-in vendor intelligence.

Comprehensive Risk Intelligence for Vendor Selection

Unique risk intelligence capabilities in the RFx Essentials vendor profile include:

  • Vendor demographics, such as geographic location, which can help refine data privacy considerations or understand regional corruption and geo-political risks
  • Fourth-party technologies in use, providing much-needed visibility into technology concentration risk and to uncover peripheral technologies
  • Environmental, social, and governance (ESG) scores to determine if the vendor is aligned with your enterprise’s core values

Additional insights available in line with RFx responses include:

  • Business updates, like recent M&A activity, news, regulatory and legal information, and operational updates that could signal vendor instability
  • Reputational insights such as adverse media, sanctions, state-owned enterprise screening, and politically exposed persons (PEPs) screening
  • Financial insights, including credit rating, payment history, and financial performance to ensure the vendor is on a solid footing
  • Data breach history and disclosures, to help determine whether the vendor is vulnerable to cyber attacks

This comprehensive risk intelligence model adds context vendor selection decisions and can eliminate the need for multiple, siloed tools.

RFx Management Executive Brief

Learn about different vendor evaluation request documents, steps and challenges in typical RFx processes, and best practices for improving RFx automation and vendor risk visibility.

Read Now
Feature rfx management 0622

Best Practices for RFx Management and Third-Party Risk Management

In addition to comprehensive risk insights, RFx Essentials automates and centralizes selection decisions with:

  • A simplified intake form to create and populate detailed vendor profiles, centralizing previously siloed information
  • A library of pre-built RFx questionnaire templates or questions to build your own assessment, eliminating spreadsheets once and for all
  • A flexible scoring algorithm to weight answers according to your business priorities
  • Schedules that automatically distribute RFx questionnaires and kickoff workflow-driven vetting and selection processes
  • A unique link for every vendor to centrally answer RFx questions and upload supporting evidence, eliminating the manual back-and-forth of email
  • A central platform for evaluation teams to comment on answers, add notes, and invite others to review RFx answers, ensuring that all internal teams have visibility and input into selection decisions
  • Side-by-side vendor comparisons in a single “league table” report, providing visibility across procurement and line of business teams

As part of the Prevalent Third-Party Risk Management Platform, RFx Essentials features native integration with the platform’s contract lifecycle management and due diligence capabilities to automatically move vendors to the next stage of the lifecycle.

Next Steps

For more best practices on adding risk intelligence and automation to the RFx process and starting the third-party risk lifecycle with risk-based vendor selection decisions, download the executive brief, or request a demo to schedule a strategy session.

Leadership scott lang
Scott Lang
VP, Product Marketing

Scott Lang has 25 years of experience in security, currently guiding the product marketing strategy for Prevalent’s third-party risk management solutions where he is responsible for product content, launches, messaging and enablement. Prior to joining Prevalent, Scott was senior director of product marketing at privileged access management leader BeyondTrust, and before that director of security solution marketing at Dell, formerly Quest Software.

  • Ready for a demo?
  • Schedule a free personalized solution demonstration to see if Prevalent is a fit for you.
  • Request a Demo