Third Party Risk Management - Consultancy, Assessment & Advisory

SupplierAssess - Third-Party Risk Managed Service

Comprehensive Third-Party Risk Management as-a-service

Performing effective supplier due diligence and IT security assessments is a critical aspect of your Third-Party Risk Management (TPRM) program. But it’s expensive, time-consuming, and often painful… for both your organisation, as well as each supplier.

SupplierAssess is a Third Party Risk Managed Service that allows you to simplify and improve your existing TPRM program by leveraging DVV Solutions’ expertise in performing and analysing Third Party risk.

The subscription-based service uses industry best practices to enable you to scale your TPRM program without the need for additional staff or resources. DVV Solutions provide the technology, process and people necessary to efficiently understand supplier risk, help you remediate inefficient controls and better protect your organisation from Third-Party risks.

SupplierAssess Delivers:

Streamlined Assessments – the intelligence to assess mission-critical suppliers in greater detail and within shorter timescales

Enhanced Capability – the processes, resource and skills to better quantify supplier risk and manage greater volumes of detailed supplier risk assessments

Independent, Professional Verification – the reporting of your entire Third-Party estate by CTPRP-accredited IT Security Assurance Consultants – especially critical for highly regulated industries

Improved Scalability – the flexibility to manage more suppliers and assessments with greater efficiency so you can spend more time on the critical task of risk management

Regulatory Oversight:

SupplierAssess also enables you to ensure your TPRM program meet existing and emerging requirements from global regulations such as:

  • UK Data Protection Act & EU GDPR, 
  • EU Digital Operational Resilience Act (DORA),
  • ESMA Guidelines on Outsourcing to Cloud Service Providers,
  • Bank of England / PRA Operational Resilience, Outsourcing and Third Party Risk Management,
  • European Banking Authority Guidelines on Outsourcing Arrangements, and
  • Monetary Authority of Singapore’s Technology Risk Management (TRM) Guidelines


  • Expert risk assessment support from a dedicated, CTPRP certified IT Security Assurance Consultant who understand your business requirements
  • Ranking of suppliers and risk factors, collection of assessments and evidence for each Third Party supplier
  • Continuous monitoring from that provides supplemental data points about a supplier’s threat landscape
  • Supplier Assessment Dashboard and Annual Report that include findings and mitigation recommendations


  • We understand your risk appetite, security objectives and compliance requirements
  • We collect supplier questionnaires, supporting evidence and onsite assessments
  • We provide detailed risk analysis, reports and recommendations on information accumulated, industry intelligence and contextual risk environment
  • We work with you and suppliers to implement remediative measures and process improvements
  • We provide continuous threat intelligence between annual assessments

Robust TPRM Delivered To Your Desk

Your dedicated certified IT Security Assurance Consultant performs detailed analysis based on all the data and evidence gathered and will then present and consult on the identified risks, remediation and mitigation.

SupplierAssess can work with your existing processes and automation tooling or take advantage of our best-of-breed solutions to create a comprehensive and robust managed-service of supplier risk assessment, security rating and continuous monitoring.

SupplierAssess is built upon the Shared Assessments Program processes and practices, including Standardised Information Gathering (SIG) questionnaires and Standardised Control Assessments (SCA) for onsite verification, to ensure your TPRM program is delivered to industry-standards.

Call today 0161 476 8700

or Submit a Contact Form


Why choose us?

We are specialists in Third Party Risk Management with over 20 years of experience in Cyber Security and Governance, Risk & Compliance and a dedicated team of experienced IT Security Assurance Consultants.
We are a vendor agnostic, managed service provider that is able to focus on delivering a TPRM program built around your specific risk-based, organisational and regulatory requirements.
We are a Shared Assessments Program member and recognised Assessment Firm with certified IT Security Assurance Consultants able to deliver a comprehensive service based on industry standards and best practice.