What we offer
- 1 ISO 27001
- 2 SOC2
- 3 PCI
- 4 NIST
- 5 HIPAA
- 6 Others
Each risk framework category (above) contains a pre-determined schedule of control topics and questions, easily customizable to a particular organization.
specific vendor or supplier
The flexible tools enable controls to be mapped to a specific vendor or supplier according to its contractual responsibilities and perceived sources of risk.
Automated risk assessments are performed for each risk source to evaluate compliance with controls.
Risk scores are generated and weighted for each risk source.
For each vendor or supplier, aggregated risk scores are generated to provide an enterprise-wide view of risk for each framework category.
Highly flexible, customizable reporting for different stakeholders supports enterprise-wide third party vendor and supplier risk mitigation decision-making.