teresalaw
ServiceNow Employee
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
05-06-2019
10:29 PM
With an increased dependency on third-parties in today’s age of digital transformation, understanding the cyber risk and compliance posture of enterprise vendors has never been more critical to your organization’s security posture. According to Gartner, “By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships.”
Best practice is to assess your vendors on a regular basis, but until now, it has been a time-consuming and error-prone exercise comprised of spreadsheets, email, and rudimentary legacy risk management tools. BitSight Security Ratings combined with ServiceNow Vendor Risk Management (VRM), solves this challenge by delivering a purpose-built system to manage, report and respond to 3rd party cyber risk. The addition of data-driven, validated risk ratings provides objective, validated data on which to base decisions using automation and workflow.
The most critical aspects of 3rd parties risk management are described below:
Visibility: By displaying the BitSight Security Rating alongside other vendor information, vendors’ security performance can be compared to the residual risk for daily monitoring, vendor selection, as well as contract renewal and negotiation. Reports and dashboards in ServiceNow VRM make it easy to view status and trends.
Prioritization: Establish vendor tiers and use Security Ratings in conjunction with assessments, on-site visits, and other existing processes to calibrate your program and determine where resources should be allocated to most efficiently manage vendor risks.
Collaboration: More meaningful, action-oriented conversations centralized in a user-friendly vendor portal to eliminate inefficient email communications and status tracking via spreadsheets.
Automation: BitSight Security Ratings integrated into ServiceNow VRM can be configured to automatically trigger alerts, create issues and kick off a workflow to remediate and collaborate with your vendors.
Including the data-driven risk ratings allows you to adjust your processes and vendor risk management program, creating tighter alignment with your overall enterprise risk management.
BitSight is an IRM Ecosystem partner. The BitSight integration can be found on the ServiceNow Store.
Learn more at www.bitsight.com or www.servicenow.com/grc.
- 428 Views
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
