Third-party vendors. First-rate risk management.
Third-party vendor relationships are more complex than ever, with growing pressure from stakeholders and regulators. Our vendor risk management solution enables you to manage and optimize your vendor relationships.
Know your vendors
Ensure 360-degree awareness of your vendor relationships to pinpoint risks.
-
Identify weaknesses in doing business with critical third party vendors
-
Visualize fourth party concentration to identify risks
-
Prioritize and manage risk remediation
-
Maintain accurate documentation of vendor assessments, issues, and communications
-
Dynamically link to central risk libraries
Assess and monitor
Establish aggregated risk ratings for every vendor, with source data inputted directly from your vendors, and monitor emerging issues.
-
Rate vendors across all risks – financial, policy, security and operational
-
Stay ahead of future problems through automated vendor security and regulatory questionnaires
-
Streamline real-time data sharing by relationship owners and vendors
-
Schedule internal reviews of performance, impact and status
Act and communicate
Ensure rapid response times and seamless communications through user-centric interfaces, powerful dashboards and reports that keep you aware of developments and issues as soon as they arise.
-
Engage staff throughrole-based dashboards
-
Optimize productivity with workflow alerts and reminders
-
Provide holistic insights through connected data
-
Manage reporting with consolidated information and powerful visual reports
Ensure compliance with cybersecurity and regulatory standards
Comply with current and expected regulatory requirements in place in your industry, including the latest U.S. interagency guidance on third-party risk.
-
OCC: OCC Bulletin 2013-29 – Third-Party Relationships: Risk Management Guidance
-
FDIC: FIL-44-2008 – Guidance for Managing Third-Party Risk
-
NCUA: 2007 supervisory letter SL No. 07-01 – Evaluating Third-Party Relationships
-
FFIEC: Information Security Booklet
Vendor risk management brochure.
Find out how our vendor risk management solution allows you to manage vendor risk and avoid disruption.
Vendor risk management eBook.
Why and how to build an effective third-party vendor risk management program.
Take a product tour.
Our recorded product tour demonstration video takes you through the key areas of our vendor risk management solution.
Buyer’s guide
What an ERM solution is, why you need one, and how to make the right choice.
Protecht ERM - end-to-end visibility and management of vendor risk
Structured data
A holistic picture of vendor risk management across your organization.
- Centralize vendor details, questionnaires, ongoing assessments, contracts and documents
- Easily manage vendor actions, incidents, findings and issues, renewals
- Link to centrally controlled risks, controls, obligations
- Integrate with IT risk, resilience and business continuity management
Actionable insights
Granular and holistic insights across the spectrum of vendor risk management.
- Health of your entire vendor portfolio
- Insights on vendor management, risks, questionnaires, and reviews
- Easily track and report on vendor findings and issues
- Integration with enterprise risk scorecard dashboard
- Quickly identify risks visualizing fourth party concentration
User experience
Intuitive workspaces, dashboards and workflows for fast follow-up and maximum productivity.
- Streamlined workspace for vendor risk managers to easily assess, analyze and report on all vendors
- Simple, secure interface for vendors to view and quickly respond to your requests
- Digital workflows with automated alerts and reminders for actions and reviews
- Scheduler to automate report generation and distribution
Risk visualization and reports
Powerful visualizations and reports, making it easy to collaborate and communicate with all stakeholders from front line to senior management.
- Custom reports generated at the click of a button
- Dynamic vendor risk profiles
- Clear visualizations for efficient collaboration
Preconfigured content - for a turnkey launch
Optimize your vendor risk management at the click of a button with preconfigured registers, dashboards and reports.
Explore some of the assets that are included within our VRM offering:
Vendor Management
Streamline your assessment, monitoring and management of risk from third party suppliers. The Vendor Management registers and dashboards help you:
-
Gain a centralized, integrated view of your vendors, their contracts, and their risk profile
-
Keep on top of vendor reviews
-
Provide oversight and management with analytic insights on active vendors, their attributes and related risk management activity
Vendor Findings and Issues Management
This package supports management of findings and issues relating to third party suppliers. The pre-designed register and dashboard help you:
-
Identify vendor issues in a central register early
-
See findings and issues by status and trend and group the information by rating from extreme to low
Vendor Actions Management
Gain visibility of risk and compliance management actions to ensure they are carried out by the right people and at the right time. The Actions Management register and dashboard help you:
-
Create and supervise any type of action
-
Have clear visibility for actions for internal team and actions for vendor by progress, ratings and monthly trend
-
Follow-up and escalate actions
-
Identify overdue actions
Questionnaire Management
Keep control of all relevant due diligence questionnaires between you and your vendors and have a clear view of all the important actions between and your vendors. The Vendor Questionnaire register and the Vendor Due Diligence dashboard allow you to:
-
Have a clear summary of key data from vendor questionnaires at various stages
-
Quickly see the number of findings and issues and the pending actions for your team and the vendor
-
Notify vendors when a new questionnaire is assigned and due
-
Notify relationship owners when questionnaires have been submitted by vendors and ready for review
SIG Questionnaires
Assess vendor risk across 21 different risk domains with Shared Assessments' Standardized Information Gathering (SIG) Questionnaires. The comprehensive set of questions is updated yearly to keep up with the ever-changing risk environment and priorities.
-
Includes SIG Core and SIG Lite
Vendor Risk Assessment and Management
Assess vendor risk and rate the risk categories, and link relevant risk and controls in the library. The Risk Assessment report and the Vendor Risk dashboard help you:
-
Identify vendor risks in a central register and schedule ongoing reassessments
-
Rate the vendor risk and link relevant controls in the controls library
-
See key data of vendor portfolio and risks ratings
-
Clearly see the information grouped by risk categories such as vendor criticality, vendor service type, business unit and control effectiveness
Vendor Fourth Party Concentration
Record and visualize fourth parties (vendor’s third parties) with a Fourth Parties register and dashboard to help you:
-
Identify where a fourth party is relied upon by multiple vendors, creating concentration risk for the organization
-
Segment data with different filters including vendor tier, service type and criticality
Monitoring and Review Management
Streamline ongoing reviews and tasks to ensure they are carried out by the right people and at the right time. The Monitoring Register and the Vendor Periodic Reviews Dashboard allow you to:
-
Enable users to capture scheduled and completed reviews
-
Identify when reviews are overdue and coming up
-
Filter the information using different options that include review type, due date for contract renewals and vendor status
Vendor Health Scorecard Dashboard
This dashboard gives instant visibility into your vendor health score. Understand the state of your vendor portfolio, quickly identify underperforming/high risk vendors – drill into detail if required to understand why.
Vendor Summary Report
This report shows a summary of key information and activities for an individual vendor that can be generated and shared with the vendor to understand and improve performance.
Contract and Document Management
Automate reminders for expiring contracts and documents to ensure details are up to date. This includes dedicated Contracts and Document registers that offer you:
-
A central list of executed vendor contracts and agreements that captures key details such as value, expiry date
-
A central list of vendor documents such as insurance and certifications
Pinnacle stays in control worldwide with Protecht
The value of this can’t be overstated. In an industry where analytical skills account for much of your success as a company, we’re able to better leverage our intellectual capital.
Cameron Drinan
Risk & Compliance Manager | Pinnacle Investments
News and commentary
Related industries
Find out how Protecht’s industry expertise can help your vendor risk management teams meet their business requirements across our key industry verticals:
-
Banking
Manage risk and compliance with a platform configured to empower financial services providers.
-
Insurance
Stay on top of regulatory requirements with real-time reporting that gives every user risk ownership.
-
Fintech
Manage risk and compliance with a platform designed for rapid growth in a rapidly changing environment.
-
Education
Manage risk with a platform configured to support staff, students and your business needs.
-
Government
Manage risk and compliance with a platform configured to meet the needs of government entities.
-
Industry
Manage your key risk needs – from compliance and vendor management through to health and safety.
See the risks. Seize the opportunities.
Manage all your risks in one place. A single platform with endless possibilities to add to your business’s safety and success. Try it now!
