Overview

Third party risk management (TPRM) involves identifying, assessing, and mitigating risks that arise from working with external vendors, partners, suppliers, or service providers. These third parties can introduce risks to an organization, such as data breaches, compliance violations, financial instability, or operational disruptions.

With Secureframe, customers receive access to the standard version of Third Party Risk Management (TPRM) with the Comply Fundamentals plan. If you are using our Complete plans customers will have access to Secureframe's Advanced TPRM offering by default.

How to Add Vendors

By adding vendors, you are formalizing and documenting the relationship, allowing for better monitoring of their compliance with your security, privacy, and operational standards.

Head to the Vendors page using the left navigation, then in the top right corner you can add vendors in the following ways:

• Click Add Single Vendor - will only require the Vendors name to continue
• Click Import Vendors from CSV CSV will require name, website and include optional columns like Department, Owner, Risk Level, Vendor Status, Last Reviewed, and more.

Viewing Vendors

Vendors can be searched, filtered, and sorted in many different ways. 

Manipulating the Vendors Table

Vendors can be filtered and sorted in the table by:

• Categories (not sortable)
• Contract start date
• Contract end date
• Departments (not sortable)
• Name
• Owner
• Review status (not sortable)
• Tags (not sortable)
• Risk level
  

To see our Full Guide on Third Party Risk Management click here