REQUEST A DEMO

About Us

Send your CV






Please leave this field empty.

Welcome to DVV Solutions

DVV Solutions was established in 1999, and has become one of the UK’s leading providers in the design, implementation and management of Third Party Risk Management (TPRM) and IT Security services.

We have a proven model for Third-Party risk reduction and mitigation. Our suite of consultative and managed services improve your ability to manage increasing numbers and complexity of outsourced supplier risk backed by leading risk intelligence and automation platforms.

Our ethos is to provide you the best value for money by offering the highest quality of service within a clear and consistent cost model. We do this by leveraging our extensive experience in the IT services sector and our best-of-breed technology and service partners.

As a Shared Assessments program member and registered Assessment Firm we utilise industry-standard practices including Standardised Information Gathering (SIG) questionnaires and Agreed Upon Procedures (AUP) for onsite assessments.

What we do

Organisations of all sizes have become more dependent upon Third-Parties to manage and process their mission-critical operations, Customer and Employee Personally Identifiable Information (PII) and commercial activities. As a consequence, understanding the key policies, security practices, and other controls suppliers use to protect this information is now critical to ensuring operational efficiency, security and regulatory compliance.

DVV Solutions has developed a proven model for Third-Party risk reduction and mitigation.  Our suite of consultative and managed services improve your ability to manage increasing numbers and complexity of outsourced supplier risk backed by leading risk intelligence and automation platforms, enabling you to;

  • significantly reduce the time and resource costs associated with in-house collection and analysis of third-party risk assessments
  • rapidly increase the scale of your TPRM program by supplementing your existing resources and enabling existing teams to manage more suppliers, more effectively
  • immediately ramp-up your existing TPRM program to ensure the assessment of mission-critical suppliers to “best practice” methodologies
  • improve the proficiency and maturity of your TPRM program to meet the most stringent regulatory requirements

Our customers include organisations from Finance, Legal, Insurance, Retail, Healthcare and the Public Sector.

How we do it

We Establish your Security Baseline – We’ll work with you to understand the maturity of your current TPRM model, identify key deliverables and build a roadmap to your ideal state.

We Map your Third Party Risk Landscape – We’ll manage your remote and on-site assessments, gather evidence and provide detailed Third Party risk reports and analysis on each service and supplier.

We Remediate and Improve – We’ll help you put the right internal measures in place and guide you and your suppliers to mitigate external risks.

We Continuously Monitor Risk – We’ll ensure an ongoing stream of threat intelligence against your security baseline and ensure any new risks are identified and addressed.

We Re-Assess and Renew – We’ll then support a regular review of your TPRM model and perform annual risk assessments to stay focussed on achieving your third party risk reduction program.

Our credentials

Since 2014, we have been audited and are accredited to ISO14001 standards. Significant environmental advances have been made since achieving the accreditation, including the use of Symantec Control Compliance Suite (CCS) to automate the management of our policies and processes.

DVV Solutions has always been committed to running its operations in an environmentally friendly manner. By achieving ISO14001 the company is publicly committing to continually review and improve its procedures to reduce its impact on the environment.

In 2016, we were also certified by QG Management Standards to the UK Government’s Cyber Essentials Scheme and The IASME Standard. Certification demonstrates our ability to mitigate risk and reduce vulnerability from cyber attacks.

The Cyber Essentials Scheme offers a core set of security controls within a standardised assurance framework and is backed by industry including the Federation of Small Businesses and the Confederation of British Industry (CBI).

You're only as strong as your weakest link

We work with you to scrutinise your Third Party relationships – service by service, supplier by supplier- and develop a rigorous Third Party risk management program that secures your extended enterprise.

We enable companies to significantly reduce the time and resource burdens of their existing Third Party risk reduction programs by leveraging our expertise in delivering Third Party risk assessments and, more vitally, the identification and mitigation of Third Party risk. Working closely with you we develop a best-practice Third Party risk lifecycle that meets the unique nature and demands of your organisation.

Shared Assessments


DVV Solutions are proud to have been accepted within the Shared Assessments global membership program with recognised status as an authorised Assessment Firm.

As the trusted source in third party risk, the member-driven Shared Assessments Program has been setting the standard in third party risk assessments since 2005.

Shared Assessments Program members work together to build and disseminate best practices, building resources that give all third party risk management stakeholders a faster, more rigorous, more efficient means of conducting security, privacy and business resiliency control assessments. For more information on Shared Assessments, visit http://www.sharedassessments.org.

Prevalent Inc.


In October 2016, DVV Solutions announced a Channel partnership agreement enabling DVV Solutions to provide Prevalent technology to UK and European customers and add significant value to their third-party assessment capabilities.

Recently named the Fastest Growing Company Cybersecurity Company by the Cybersecurity Excellence Awards, Prevalent, Inc. is the leader in third-party risk management and cyber threat intelligence, helping global organizations manage and monitor the security threats and risks associated with third and fourth-party vendors.  Prevalent introduced the only Unified Platform for Third-Party Risk Management and the first vendor evidence sharing portal with the release of Synapse.

careers at DVV Solutions


We are always on the lookout for bright new talent. You’ll find a list of current positions below but you are always welcome to submit your current CV and details of your ideal role to us.

our partners


We have teamed with world-class thought leaders, industry bodies and technology providers to create best of breed TPRM services and solutions. This enables our Customers to rapidly and seamlessly implement comprehensive TPRM programs with the highest quality of service and support.

Why choose us?


We are specialists in Third Party Risk Management with over 18 years of experience in Cyber Security and Governance, Risk & Compliance
We are a Shared Assessments program member and recognised Assessment Firm with CTPRP-certified Risk Assessors.
We are focused on delivering a Third Party Risk Management program that secures your data supply chain and enhances your IT security posture.