Trust Exchange in partnership with 3PAS Global, has created a joint offering which will reduce the time and cost associated with assessing Third Parties.
1. Webinar: Streamline Assessments and
Vendor Risk Management
Presented by: Beth Wexler, 3PAS and Edward Sullivan CEO, Trust Exchange
2. Regulatory Direction
seems unpredictable
and ever changing
Lots of “WHAT ” Very
Little “HOW”
Pressure Increasing,
Confusion at a
Maximum and Costs
Rising
What if?
• Reduce
Complexity
• Reduce Costs
• Increase
Visibility
• Standardize
Assessments
• Decrease Risk
Vendor Risk Management
3. What
does 3PAS do?
• Patented two-part risk assessment
• Part A – triage all vendors
• Part B – scored assessment for critical
vendors derived from a variety of globally
recognized frameworks including
ISO27001/2, HIPAA/HITECH, PCI,
FISMA/NIST, and CSA/CCM.
• Annual auto - renewals
• Shareable assessments to provide other
business partners
• Perform on-site audits and reviews
• Consulting on best practices for harvesting
vendors
4. VRA Part A
all vendors
No connectivity or data
transmissions
Non-critical vendor
VRA Part B
only critical vendors
Will have connectivity and/or
data transmissions
Critical vendors take the Scored
VRA
5. What is Trust
Exchange?
• B2B Information Platform
• A “Social Network” for Enterprises
• Companies Exchange Key Information via
Social Interface
• Distribute via “Network Effects”
• Powering Collaborative Compliance™
6. Exponential
Problem
• In a Network, the number of interactions
grows exponentially as “members”
increase
• TE enables vendors to subscribe to risk
policies
• And…broadcast compliance requirements
through the network via TE
• 3PAS Standardizes and Streamlines
Assessments which can then be broadcast
7. Dashboard
Timely and actionable
information is delivered
through easily
configurable dashboards.
Create custom monitoring
criteria and risk policies
that can be monitored
automatically.
Dashboards and reports
create visibility throughout
the organization. Each
party can have multiple
dashboard views based on
role or responsibility.
8. Policies
Custom
compliance
policies and risk
categories allow
organizations to
more precisely
segment third
parties by function,
risk geography, etc.
All parties receive
alerts about
upcoming
requirements
policy violations
and new events.
9. Vendor Profile
The vendor’s profile is
added to the portfolio of
vendors you are
monitoring. The profile
timeline provides a
consolidated view of each
vendor’s performance
over time. At a glance you
can determine an
individual vendor’s
compliance and policy
violations. Streamlined
Assessments and Re-
Assessments provided by
3PAS and Integrated into
TE Vendor Timelines