
   Corporate Governance (Supplier Risk Management – SRM – Software)

 

  • Supplier risk management (SRM) software platforms manage supplier risk data to protect the enterprise from supplier-related issues such as data breaches or noncompliance, by assessing, mitigating and monitoring any supplier-related risk that may have a negative impact on the enterprise. They are typically used by compliance officers to ensure supplier compliance with internal enterprise corporate policies and governmental regulations, and are generally implemented in conjunction with a governance, risk and compliance (GRC) initiative.

  • At a minimum, SRM software platforms should provide: a self-service portal; alerts; automated risk and security questionnaires; compliance assessments for all enterprise corporate internal policies and governmental regulations regarding supplier-related risk; business continuity plans; compliance checklists; configurable scorecards; continuous backup; contracts lifecycle management; cyber insurance monitoring; cybersecurity; data breach monitoring; data leak detection; digital forensics; disaster recovery preparedness; due diligence; e-signatures; financial stability monitoring; governance, risk, and compliance (GRC) platform integration; incident response services; ISO 27001, PCI DSS, SOC 2 compliance; internal controls assessments; key performance indicators (KPIs); legal risk management; mitigation strategies for supplier risks; monitoring of supplier performance and any supplier risk posture changes; non-intrusive scans; notifications; predictive analytics; regulatory change management; reporting; reputation monitoring; risk-matrix-based reports; safety management; security ratings; supplier audits; supplier classifications; supplier contracts tracking; supplier credentialing; supplier data modeling; supplier intelligence; supplier offboarding and onboarding questionnaires; supplier qualifications; supplier risk assessment templates and workflows; transparency into all available information regarding all suppliers; vetting process (RFI, RFP, RFQ); written information security program (WISP) templates.

  • Procurement, recommendation, research, sourcing, specification, testing and use of various SRM software platforms, such as: apexportal Supplier Risk Management; Aravo; BitSight Security Ratings; Global Risk Management Solutions; hicx; ivalua; LogicGate Risk Cloud; LogicManager; MasterControl; Ncontracts; Onspring; OneTrust; Prevalent; ProcessBolt; Quantivate; Reciprocity ZenGRC; Resolver; SAP Ariba SAi360; Scanmarket; Supplier Risk Management; Secureframe; SecurityScorecard; SupplierGATEWAY; SureCloud; TraceLink Supplier Risk Management; Tugboat Logic; UpGuard; Venminder; Whistic; Zluri.

   Progress_Page_Last_Updated_221105_1440
