Prevalent Vendor Risk Manager (PVRM) allows organizations to effectively manage and monitor risks posed by third and fourth-party vendors. The solution automates the collection of third-party information in a secure and scalable manner, helping better understand and manage the risks of your data supply chain.

PVRM takes the guesswork out of vendor assessment by creating a standard tiering structure within your organization, a standardized assessment workflow, Shared Assessments content, evidence collection, risk scoring, and reporting. The solution manages each vendor independently, offering you the ability to understand the impact of doing business with a particular vendor. Additionally, the solution can offer an aggregated view to understand vendor risk by tier or across all vendors.

Vendor Risk Management

Features and Benefits

  • Organizes relevant vendor risk management information in a single location.
  • Tiers vendors based on data risk and organizational importance.
  • Leverages Shared Assessments content for controls based assessment.
  • Evaluates risk across multiple evidence sources.
  • Creates risk scoring per vendor against your standard.
  • Schedules regular vendor risk evaluations based on your requirements.
  • Single point of access for third parties via Prevalent VRM Relationship Gateway.
  • Easy to use wizards for creating new vendors and relationships.
  • Leverages Variable Scoping to assess vendors, software, and/or services type within a single assessment.
  • DirectLink or manual upload of application security reports offers vendors options based on their application security program.

Key Features

  • Prevalent Vendor Threat Monitor Support™
  • Updated Shared Assessments SIG 2015 content
  • Risk Scoring Enhancements: View and weight by risk area