SupplierAssess is a TPRA managed service that allows companies to supplement their existing Third Party supplier risk management program by leveraging DVV Solutions expertise in performing remote and on-site Third-Party assessments. The managed service is a subscription based service which uses industry best practices to allow companies to scale their IT and non-IT Third-Party supplier risk assessments without the need for additional staff or resources.
Industry reports suggest over 60% of IT security breaches occur via a Third Party. So as organisations of all sizes become more dependent upon Third Party supplier relationships to manage and process their most critical information, understanding the key policies, security practices, and other key controls their suppliers use to protect this information becomes critical to operational efficiency and security.
However, many organisations are yet to fully grasp that challenge, as Sean O’Brien, DVV Solutions Managing Director explains: “Having worked with a number of clients on the delivery of automated Third Party risk management (TPRM) solutions we find the two biggest challenge for most organisations is the ability to execute and to significantly scale-up the numbers of risk assessments they need to perform. We know budgets remain tight and risk management resources need to be focused on management of risk rather than the time-consuming exercise of pulling together each and every risk assessment. In response to these constraints we’ve built SupplierAssess as a simple model of Third Party risk assessment and reporting that our Customers can easily buy into and quickly increase the volume of risk assessments or respond to short term requirements and new supplier on-boarding.”
SupplierAssess accomplishes this by offering the technology, process, and people necessary to deliver a consistently high standard and volume of Third-Party risk assessments. SupplierAssess leverages DVV Solutions’ investment in developing its Supplier Risk Manager platform to provide robust assessments and reporting and Supplier Threat Monitor that delivers real-time supplier threat intelligence information. “Our team of Risk Assessors analyse the results of this intelligence and deliver a comprehensive report that allows Customers to understand supplier risk, help remediate inefficient controls, and better protect themselves from Third Party risks – all in one complete bundle.” continues Sean O’Brien.
“SupplierAssess also offers our Customers the assistance they need to ensure compliance with forthcoming EU General Data Protection Regulations (GDPR). By performing this level of due diligence on their Third Party suppliers security, practices and IT environments, we can help our Customers to identify any inherent risks in their supplier estate and take the necessary actions to mitigate any risk to Customer and Employee data ahead of GDPR deadlines in May 2018.”