Prevalent Enhances Platform Essentials to Include Unlimited Third-Party Ransomware and ESG Assessments

Third-party risk management professionals don’t have to look far to read about two of the most prominent risks facing their organizations today: ransomware and environmental, social and governance (ESG). Each type of risk – although very different from one another – can result in significant business disruption or reputational damage if not properly dealt with.

Take ransomware for example. The Kaseya, Microsoft Exchange and Colonial Pipeline attacks either ground their victims’ operations to a halt or resulted in vendors scrambling to patch a vulnerability and update their customers before they were impacted – all at a cost.

With regard to ESG, regulators are increasing their scrutiny over companies’ sustainability, labor and hiring practices in the wake of ongoing calls for better governance and corporate social responsibility. For example, anti-bribery laws and supply chain transparency laws are being enforced more vigorously yet fewer than half of organizations are tracking such third-party risks.

Reactive Approaches Delay Risk Identification and Mitigation

Why do organizations continue to struggle against repeated cyber attacks originating from their third parties, as well as the risk of unwanted attention from poor ESG policies? Because they take reactive, manual approaches to assessing risk – sometimes after it’s too late.

Prevalent Platform Essentials Helps Companies Be More Proactive

Today, Prevalent is announcing an enhancement to its Platform Essentials solution to include built-in questionnaires to automate the assessment, scoring and remediation of third-party ransomware and ESG risks. Combined with existing capabilities to centrally onboard, profile, tier and score inherent risks across all third parties, organizations now have a single solution to gain critical risk insights during supplier onboarding, helping them to be more proactive in assessing these risks.

Prevalent Platform Essentials enables organizations to assess an unlimited number of third parties featuring these important capabilities:

• Flexible vendor onboarding: Spreadsheet upload or API with supporting enterprise intake process
• Inherent risk scoring: Out-of-the-box profiling and tiering assessment, including cyber and non-cyber content
• Comprehensive profile: Includes industry and business insights, beneficial ownership, ESG scores from 12,000+ publicly-listed entities, and maps 4th-party relationships
• Topical assessments: Determine ransomware risk and ESG policy adherence with standardized assessment templates
• Risk register: Centrally visualize and manage risks from assessment responses
• Document management: Collate evidence supporting profiling and tiering, ESG and ransomware assessment answers
• Workflow and task management: Easily identify risks and assign tasks, and track them to completion
• Risk reporting: Clear reporting showing inherent and residual risk, ESG risk, ransomware risk

With Platform Essentials, your team can reduce complexity by centrally managing all vendors under a single pane of glass, reduce cost by baselining certain risks for an unlimited number of vendors, and gain better visibility into key risk areas to be more proactive.