I am doing some research in finding best vendor risk management/assessment tool. I have short listed below below 3 tools. Can you please review and let me know what do you think of these? Any additional tools that are less expensive and better performing are welcome. Thank you in advance for your help.
Tools that are short listed are Vendor Management from LogicManager, DATUMSEC & Metricstream.
You need to be a member of Global Risk Community to add comments!
Hi, you can also have a look at 360factors' SaaS based vendor management system.
I would like to add Brica from BRI Business Risk Intelligence GmbH
BRI Business Risk Intelligence GmbH, shortened Brica, specialises in providing actionable risk intelligence on any potential threat to an organization. The service is unique in that sense that it warns on what MAY happen, in contrast to Threat Intelligence, SIEMS, etc. that warn on something that is already happening. This on technology level and also industry related and global. Fore-Warning vs Now-Warning.
Brica is fully focused on giving you early warnings to avoid being hit. Brica works fully preventive, thereby saving you the massive cost of recovering after a breach or compromise. Providing business continuity, and bringing structure to your Risk Management and Compliance requirements. And most of all, saving you money and time.
The service is based on annual subscriptions, where each subscriber creates a fully customisable portal interface, where only those subjects that are of relevance are taken into its profile.
For example, on technology you only want to receive alerts on those components - software and hardware - that are being employed. Industry - if you are a financial organisation you have access to a vast scala of Banking etc. related subjects. ICS? All the suppliers connecting to equipment using Scada are listed. And many more. Pick and choose those components that are used in your plant.
The same for global issues, whether they are hacktivist, new APTs, latest strategic intelligence on terrorists activities, etc. Any type of new risk information is available to you. To be informed of new issues and giving you extra time to take mitigating actions.
Brica is truly unique. It developed its own bespoke search engines, we call them harvesters, to dig up any piece of new information anywhere from the internet. With different harvesters for different types of information. Because (for instance) Tor requires a totally different approach to locating information than PasteBin, or restricted fora and blogs.
Teams of Risk Analysts then inspect each newly found item on relevance, category and criticality. Items are then posted in one or more of the 10,000 subject folders with a traffic-light criticality indicator. And you subscribe to any of those subjects, only receiving alerts on those.
The basic service warns on any technology and ICT related issues. The corporate service also provides intelligence on industry specific and global issues. Annual subscriptions start at Eur4,995 per annum. In addition, Brica can also provide fully customised Organisation Specific Intelligence Services.
If you are interested, the easiest way to get introduced to this service is to request a live demo. We are happy to pre-populate a profile designed around your organisation and demonstrate that to you using Webex, whereafter you get a couple of weeks to freely use the full service, testing it out whether it meets your requirements and can help you prevent issues and fore-arm you against threats.
Hi, Vendor risk has many facets... are you looking for tools that will help you assess financial risk? Location Risk? Business Continuity? Corporate Social? You can check out my website, where I give some tools on how to do this yourself in house.
Elementum (strong in transportation risk)
Beroe (strong in purchasing risk)
You can also search the RIMS Marketplace place for vendors at www.RIMSMarketplace.com. We have the most comprehensive directory of solutions providers for risk professionals.
Take a look at http://www.riskid.nl/en/1