Vendor Risk management/Assessment Tools

I am doing some research in finding best vendor risk management/assessment tool. I have short listed below below 3 tools. Can you please review and let me know what do you think of these? Any additional tools that are less expensive and better performing are welcome. Thank you in advance for your help.

Tools that are short listed are Vendor Management from LogicManager, DATUMSEC & Metricstream.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

Votes: 0
Email me when people reply –


  • Hi, you can also have a look at 360factors' SaaS based vendor management system.

    360factors provides standalone compliance management, regulatory change management, risk management, audit management and policy & procedure manageme…
  • I would like to add Brica from BRI Business Risk Intelligence GmbH


    BRI Business Risk Intelligence GmbH, shortened Brica, specialises in providing actionable risk intelligence on any potential threat to an organization. The service is unique in that sense that it warns on what MAY happen, in contrast to Threat Intelligence, SIEMS, etc. that warn on something that is already happening. This on technology level and also industry related and global. Fore-Warning vs Now-Warning.

    Brica is fully focused on giving you early warnings to avoid being hit. Brica works fully preventive, thereby saving you the massive cost of recovering after a breach or compromise. Providing business continuity, and bringing structure to your Risk Management and Compliance requirements. And most of all, saving you money and time.

    The service is based on annual subscriptions, where each subscriber creates a fully customisable portal interface, where only those subjects that are of relevance are taken into its profile.

    For example, on technology you only want to receive alerts on those components - software and hardware - that are being employed. Industry - if you are a financial organisation you have access to a vast scala of Banking etc. related subjects. ICS? All the suppliers connecting to equipment using Scada are listed. And many more. Pick and choose those components that are used in your plant.

    The same for global issues, whether they are hacktivist, new APTs, latest strategic intelligence on terrorists activities, etc. Any type of new risk information is available to you. To be informed of new issues and giving you extra time to take mitigating actions.

    Brica is truly unique. It developed its own bespoke search engines, we call them harvesters, to dig up any piece of new information anywhere from the internet. With different harvesters for different types of information. Because (for instance) Tor requires a totally different approach to locating information than PasteBin, or restricted fora and blogs.

    Teams of Risk Analysts then inspect each newly found item on relevance, category and criticality. Items are then posted in one or more of the 10,000 subject folders with a traffic-light criticality indicator. And you subscribe to any of those subjects, only receiving alerts on those.

    The basic service warns on any technology and ICT related issues. The corporate service also provides intelligence on industry specific and global issues. Annual subscriptions start at Eur4,995 per annum. In addition, Brica can also provide fully customised Organisation Specific Intelligence Services.

    If you are interested, the easiest way to get introduced to this service is to request a live demo. We are happy to pre-populate a profile designed around your organisation and demonstrate that to you using Webex, whereafter you get a couple of weeks to freely use the full service, testing it out whether it meets your requirements and can help you prevent issues and fore-arm you against threats.

    More information: or

    Business Risk Intelligence & Cyberthreat Awareness
  • Hi, Vendor risk has many facets... are you looking for tools that will help you assess financial risk? Location Risk? Business Continuity? Corporate Social? You can check out my website, where I give some tools on how to do this yourself in house.

    Risk Methods


    Elementum (strong in transportation risk)

    Beroe (strong in purchasing risk)




  • You can also search the RIMS Marketplace place for vendors at We have the most comprehensive directory of solutions providers for risk professionals.

  • Take a look at

This reply was deleted.

[Free COVID-19 Framework] What's the path to recovery look like?

We created a free presentation (attached), which discusses both global and organizational impacts of the COVID-19 pandemic, along with critical actions organizations should take immediately. This presentation introduces a framework that helps regions and organizations navigate a path to recovery via 9 potential scenarios. These scenarios capture outcomes related to GDP impact, public health response, and economic policies. The presentation also breaks down 6 immediate and critical actions…

Read more…
3 Replies · Reply by Boris Agranovich Jan 2, 2021
Views: 142

If risk management is about decision making, are current risk management solutions irrelevant?

Now that the updated COSO and ISO risk management standards emphasize a connection to enterprise objectives and decision making, does this mean ERM and GRC solutions focused on risk registers and regulatory compliance are missing the true value of risk management?Will current risk management solutions evolve to integrate more decision support functionality or will standalone prescriptive analytics and other technology solutions take a more prominent role in enabling risk-informed…

Read more…
3 Replies
Views: 90

A question related to classification of instruments between trading and banking book.

We have an interesting question from one of our members.       "We usually perform OTC FX transactions with clients backed-to-back on the market (with Banks). Now we are going to perform a FX swap (i.e. Spot + forward) JPY/EUR for the Bank account for 1 week at the longest. The purpose is to get EUR place @ CB for LCR compliance purpose (no trading purposes). Bank's Management think that this should be considered as a trading position and therefore be classified within the Bank's trading book.…

Read more…
4 Replies
Views: 210

Plunging oil prices: curse or blessing in disguise?

The recent sudden crash of oil prices has had a major impact on the world economy, leading to many troubled faces in the international arena. The Russians fear the effects of yet another powerful hit on their economy, Venezuela seems to be considering default and the Americans are weary of the consequences for its young and emerging shale oil industry. And then you have the Middle East, where the smallest match is enough to ignite the largest fire. But are these worries really justified or…

Read more…
1 Reply
Views: 62

Introducing the Global Risk Series - Book 1 Risk Management How Tos

Dear GlobalRisk Community member, Our community’s mission is to foster business, networking and educational explorations among members. Learn from some of the top experts in the industry as they clearly explain how to approach the most important Risk management concepts. Check out their expert tips and use the link at the end of each article to navigate back to the website to leave your comment or ask a question. Some of the topics include: How do you Explain Risk Appetite?  How to Prepare a…

Read more…
14 Replies · Reply by Boris Agranovich Sep 12, 2022
Views: 588

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!