Drata, the pioneering continuous security and compliance automation platform, announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralised and integrated platform. TPRM and several other enhancements are showcased at Drataverse Digital on December 12, at 10 am PT, 1 pm ET.

New Risk Trends Report

Third-party risk has become a critical element of a strong governance, risk, and compliance (GRC) programme, especially when addressing sensitivities with data protection. Drata’s new Risk Trends Report found that 83% of security professionals have experienced negative consequences as a result of their current TPRM process or informal oversight process. But investment remains a challenge, with 44% of respondents saying their company may not have the appropriate staff or resources to thoroughly screen third parties.

Drata’s new Risk Trends Report found that 83% of security experts shared negative impacts

Drata’s TPRM offering provides security teams with a comprehensive tool for identifying, assessing, and continuously monitoring risks and integrating them with internal risk profiles. This holistic approach ensures a unified, clear view of potential exposures across the entire organisation to effectively and efficiently manage third-party risks.

Drata’s TPRM capabilities

The first phase of Drata’s TPRM capabilities include:

  • Vendor Import via Okta SSO integration and Bulk Upload: streamline adding and updating vendors in a Vendor Directory.
  • Vendor Impact Analysis: standardise the assessment of Vendor Impact and Impact Level by evaluating data access, operational impact, and more. 
  • Vendor Questionnaire Responses: gain deeper insight into vendor risk posture.
  • Vendor Risks: adding reminders, categorisation, and treatment to track and continuously assess the risk of vendors as part of an organization’s risk register. 
  • Vendor Risk Overview: easily understand, prioritise, and act on all risks across vendors. 
  • Vendor Insights Dashboard: keep stakeholders up-to-date on the overall risk impact of a current vendor ecosystem.

Author's quote

Drata’s latest offering extends the power of its best-in-class continuous control monitoring"

Drata helps us extract meaningful insights from across our vendor ecosystem, and prioritise time-sensitive tasks,” said Ylan Muller, Senior IT Manager at FireHydrant. “Our team is able to formalise the tracking and management of third-party related risks and consolidate this workflow into one tool, so that we can remain vigilant in keeping our security program running smoothly.”

It’s imperative for security professionals to have as much confidence in their third-party ecosystem as they do within the four walls of their own businesses,” said Adam Markowitz, Co-Founder and CEO of Drata. “Drata’s latest offering extends the power of its best-in-class continuous control monitoring to third-party vendors, taking TPRM to the next level.”

New capabilities

Drataverse Digital: Risk and Reward also features additional new capabilities including:

  • NIST AI Risk Management Framework (RMF) to proactively set standards, collect evidence, and monitor controls to ensure proper governance of AI adoption across the workforce. 
  • HRIS integrations, automating the evidence collection and control monitoring for 23+ Human Resources Information Systems.
Download PDF version Download PDF version

In case you missed it

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

Quick poll
What is the most significant challenge facing smart building security today?