ATLANTA -- (BUSINESS WIRE) -- Modulo, a leading provider of IT governance, risk and compliance (GRC) solutions, announced today a Vendor Risk Management solution for enterprises to identify and classify high risk vendors and cloud providers as well as streamline the risk and compliance evaluation process. The product comes fully integrated with the Shared Assessments Standard Information Gathering (“SIG”) questionnaire – a robust and easy-to-use industry standard template for gathering and assessing IT, operating and security risks and controls in an information technology environment. Modulo is demonstrating its solution and sharing best practices this week at the 6th Annual Shared Assessments Summit, March 19-20, 2013 in Boston.
Enterprises are required to manage hundreds to hundreds of thousands of third-party vendors that provide essential services. These parties have access to sensitive data, exposing organizations to IT and cyber risks and noncompliance to regulatory as well as internal requirements. SOX, FFIEC, NYSE, GLBA, PCI DSS, HIPAA and other regulatory bodies require organizations to extend assessments to vendors, contractors and consultants and regulatory scrutiny is increasing.
Many of these third-party vendors now provide cloud-based solutions, making it even more difficult to assess reliability, continuity, and compliance and creating a ripple effect in the event of a disruption. Industry experts suggest that organizations first conduct a security assessment of these vendors before they buy and then monitor vendors on an ongoing basis.
“The cost of failing to manage vendor risk is high: from quality of service to financial, audit, and reputation risk. Many organizations don’t know whom their high-risk vendors are which makes it nearly impossible to target assessments, prioritize risks and create mitigation plans. Vendor Risk Management has emerged as a leading use case for our powerful and flexible IT GRC platform, which harmonizes risk scoring across all IT risk management projects for a holistic enterprise risk profile,” said John Ambra, director of technical services for Modulo.
Vendor Risk Management with Modulo Risk Manager™ 8.1 helps organizations automate third-party regulatory compliance and adherence to internal policy requirements, saving time and money and continuously improving the maturity of vendor risk programs. Modulo Risk Manager provides several tiers of reporting based on the level of detail required by the report recipient. Modulo Risk Manager ties into business value by helping define Key Risk Indicators (KRIs) to understand the impact of vendor IT risks on overall enterprise risk.
Added Ambra, “One North American Fortune 50 consumer products company with over 20,000 vendors worldwide uses Modulo Risk Manager for its Vendor Classification survey to identify which categories vendors fit into and who has access to the system. Once these high-risk parties were identified they implemented they were able to implement a targeted risk assessment and risk mitigation program, focused on a subset of vendors with access to PII data (Personally Identifiable Information).”
Organizations around the world use Modulo Risk Manager's Vendor Risk Management solution to:
Unique new features now available include: Mobile Apps to capture vendor risk information on the iPhone, iPad, and Android; Visual Google Geo-location Maps that aid in trend analysis; and “What-if” Simulations to create surveys that generate optimal responses.
The Modulo Risk Manager Vendor Risk Solution is available immediately in three deployment models: on-premise, subscription, or SaaS. For more information please visit: http://www.modulo.com/vendor-risk-management.
Modulo is a leading global enterprise provider of comprehensive Governance, Risk and Compliance (GRC) management solutions. Modulo’s award-winning Risk Manager™ provides hundreds of organizations worldwide with the tools they need to automate the entire GRC management process to monitor, manage and sustain adherence to policy and regulations while reducing enterprise risk and complexity. Customers span the financial, health care, retail, telecom, power & gas and government sectors and include BASF, BC Hydro, Commercial Bank of Dubai, Microsoft, New York University Medical Center, Synovus Financial, and Schlumberger. Modulo has earned industry recognition as a 2012 Innovator of the Year from SC Magazine; “Best Buy” and “5-Star” in SC Magazine’s risk management group product reviews for two consecutive years (2012 and 2011); finalist in SC Magazine Excellence Awards for two consecutive years (2012 and 2011); and winner of the Info Security Products Guide Global Excellence Awards and Network Products Guide Product Innovation Award.
Key search terms: Vendor Risk, Vulnerability Management, Risk Management, Cybersecurity, Physical Security, Operational Risk, Continuity Management, Critical Infrastructure