Authoritative Vendor Inventory
Brinqa Vulnerability Risk Management tracks key KRIs, KPIs and program metrics to monitor risk reduction, remediation time and window of opportunity. The self-service reports portal allows stakeholders to use report templates and create their own custom reports.
Dynamic Vendor Risk Profiles
A vendor’s risk profile takes into account inherent factors that reflect how the vendor’s organization is structured, how it does business, its perceived image in the public domain, etc. A crucial factor in establishing a risk profile and classification is the scope and impact of a vendor’s ongoing engagements within the organization. The solution also allows strategic vendors to be flagged and handled with greater scrutiny.
Granular Engagement Risk Assessment
To create a true representation of the risks associated with a vendor, in addition to evaluating the overall vendor relationship, the solution also quantifies the risks associated with each distinct vendor engagement within the organization. By evaluating individual vendor engagements for risks and corresponding mitigating controls, the solution provides complete transparency and visibility into the organization’s interactions with a vendor and ensures that vendors do not accidentally get access to information or infrastructure that they are not cleared for.
Integrated Security and Credit Ratings
The solution integrates with external sources of vendor evaluation (such as credit and security rating agencies) to provide a detailed and complete picture of the vendor’s risk profile.
Extensive Controls Framework
The Brinqa Controls Framework, developed in collaboration with our technology and solution partners and based on our years of experience helping large organizations navigate the complex Vendor Risk Management landscape, provides risk professionals with a comprehensive framework. It provides granular control implementation definitions and correspondingly granular remediation options for identified risks. The Brinqa Controls Framework provides mapping to common industry standards and frameworks like ISO, COBIT, NIST, etc.