Search Results

Learn about and register for events outside of the TPRA that are applicable to TPRM. Vendor-Hosted Events The TPRA promotes the industry of third party risk, which includes events conducted by other third party risk-related groups and organizations. Check back here regularly to see our list of vendor-hosted events. If you would like to promote your next third party risk-specific event, please complete the form below . Disclaimer: TPRA does not endorse or sponsor the products/services of one particular organization; however, we do communicate training opportunities for the benefit of the community. Filter by Organization Select Organization Filter by Event Type Select Event Type Filter Download Aravo Live Webinar Responsible AI Risk: A Phased Approach to Governing Internal Use and Vetting Third Parties Tuesday, November 18, 2025 3:00 PM GMT A Gartner report warns that fewer than one in five GenAI projects deliver promised business value, citing challenges in data, privacy, and compliance. Risk teams face a dual mandate: establishing internal AI guidelines and assessing third-party use. Join Aravo experts Dean Alms and Dave Rusher to discover a phased approach for risk professionals. Learn to responsibly advance your own AI initiatives, establish corporate guidelines, and build the expertise to assess third-party AI risk during onboarding and monitoring. Master how to navigate the critical hurdles that stop most projects from succeeding. Register Cloud Security Alliance (CSA) Virtual Conference CxO Trust Summit 2025 Wednesday, November 19, 2025 8:00 AM - 1:00 PM PT CSA’s Virtual CxO Trust Summit , taking place November 19-20, 2025 , will bring CISOs, CIOs, board directors, regulators, and trusted suppliers together for two concentrated half-days of strategic insight and peer exchange designed to tackle the five issues that will define cybersecurity leadership through 2027: Register Tandem Live Webinar Level Up Your Table Top Exercises Thursday, November 20, 2025 2:00 PM - 3:00 PM CST A tabletop exercise is a technique used to review a company’s business continuity and incident response plans. Just like our tables at home, sometimes our tabletops at work can get a little cluttered and could use some TLC. Join this session for a refresher on tabletop etiquette. We will look at what regulatory guidance has to say, review best practices for getting buy-in and creating an engaging environment, and walk through a tabletop exercise together. Register Cloud Security Alliance (CSA) Virtual Conference Zero Trust Summit 2025 Wednesday, December 3, 2025 8:00 AM - 1:00 PM PT As cyber threats accelerate in scale and complexity, Zero Trust has shifted from a guiding principle to an operational mandate. At the same time, the rise of AI brings both new opportunities to strengthen defenses and unprecedented risks to secure. The CSA Zero Trust Summit offers you direct access to the experts and practitioners driving the global Zero Trust movement, equipping you with the strategies and insights needed to safeguard modern enterprises. Register Bitsight Live Webinar No Time for Silos: Inside the first 72 hours of a Cyber Event Thursday, December 4, 2025 11:00 AM ET How GRC and SOC Move as One When Every Second Counts Register Submit an External Event TPRA Practitioner Members can submit upcoming events they'd like displayed on this page using the form below. Some events may also be shared via our monthly events emails and/or quarterly newsletter. TPRA does not post on-demand/recorded events to this page. TPRA Vendor Members can submit their upcoming events through the Vendor Member Submissions form . Submitter Information First name* Last name* Email* Event Information Event Title* Event Host* Event Type* Event Description* Event Date* Event Time (please include time zone)* Link to learn more and/or register for the event* Anything else we should know? Submit

Learn about Melissa Denman, TPRM Lead for Zoom, and TPRA's WNTPRM November 2025 Leader Spotlight. < See All < Previous Next > Melissa Denman TPRM Lead Zoom Biography With over 10 years of experience in security, compliance, and third-party risk management, I’ve built a career rooted in technical depth, cross-functional collaboration, and global perspective. I began my career at one of the Big 4 accounting firms, where I focused on IT audit initiatives. From there, I joined a large tech company in San Francisco, where I held several roles in security engineering, compliance, and vendor audit, often traveling across the world to perform onsite critical vendor assessments. I currently serve as the TPRM Lead at Zoom, where I’ve spent the past four years building, scaling, and maturing our TPRM program. Over the course of my career, I’ve led multiple TPRM tool implementations, championed automation efforts, established and led offshore teams, and executed high-impact vendor assessments. I am also a proud holder of several industry certifications, including CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), and CEH (Certified Ethical Hacker). Leadership Characteristics My leadership style is rooted in empathy, listening, and understanding. I prioritize strong stakeholder relationships, which are essential in a cross-functional program like TPRM. I place a high value on accountability – both for myself and those I work with – because it builds trust and enables continuous growth. Mentorship is also deeply important to me, as I’ve been fortunate to have incredible mentors throughout my career. I’m committed to paying that forward, particularly by supporting and uplifting women in the field. Leadership Challenges One of the most significant challenges I’ve faced in my career was adapting my team’s processes during the onset of the COVID-19 pandemic. With travel restrictions in place, traditional onsite assessments were no longer possible. We quickly pivoted to virtual assessments to ensure we could continue meeting our audit, regulatory, and customer obligations. Around the same time, I joined Zoom as it was experiencing rapid growth due to the pandemic. That growth brought heightened scrutiny around security and compliance, requiring us to ensure consistent risk management across a growing vendor and customer footprint. More recently, the rise of AI has introduced new complexities in TPRM. I’ve been focused on establishing governance frameworks that allow us to leverage third-party AI capabilities responsibly while prioritizing security, compliance, and ethical considerations. Key Take-a-ways My favorite aspect of working in TPRM is that the landscape is constantly evolving. There are always new vendors, emerging risks, shifting regulations, and opportunities to innovate through automation. My advice to others in the field is to stay curious and adaptable. Also remember that in a cross-functional role like TPRM, building strong relationships across the organization is just as important as understanding the technical aspects of security and risk. Fun Fact Fitness and staying active is important to me! I’m very involved in my local gym community and even run their social media accounts, which is a fun, creative outlet that keeps me energized and connected outside of my professional role.

This page is dedicated to showcasing the inspiring Women Leaders and their stories. Our goal for this program is to highlight and learn from women leaders in the field of Third Party Risk Management (TPRM) throughout various industries. Back Women Lead Program Welcome to the Women In TPRM (WNTPRM) "Women Lead" Program! This page is dedicated to showcasing inspiring Women Leaders by highlighting their stories. Our goal for this program is to learn from and be inspired by women leaders in the field of Third Party Risk Management (TPRM) throughout various industries. If you know of an inspiring Leader you think should be featured by WNTPRM, complete the form linked below! Apply Now Leader Spotlights Melissa Denman TPRM Lead Zoom WNTPRM November 2025 Leader Spotlight November 1, 2025 Read More Heather Vahovich Director Third Party Risk Management (TPRM) Novanta WNTPRM August 2025 Leader Spotlight August 20, 2025 Read More Kelsey Theroux Third Party Risk Analyst WNTPRM June 2025 Leader Spotlight June 1, 2025 Read More Oksana Zbyranyk Chief Compliance and Delivery Officer Truvo Cyber WNTPRM October 2025 Leader Spotlight October 1, 2025 Read More Hilda AndelizGomez VP. Enterprise Third Party Risk Performance Analyst Valley Bank WNTPRM August 2025 Leader Spotlight August 1, 2025 Read More Laura Valente Director, Compliance, Ethics & Regulatory Affairs (& Chief Privacy Officer) General Bank of Canada WNTPRM May 2025 Leader Spotlight May 1, 2025 Read More Erica Lane Sr. Security Analyst SPS Commerce WNTPRM September 2025 Leader Spotlight September 1, 2025 Read More Jill Zakarian Partnerships Manager Ncontracts WNTPRM July 2025 Leader Spotlight July 1, 2025 Read More Madelyn Norwood Solution Advisor Ncontracts WNTPRM April 2025 Leader Spotlight April 15, 2025 Read More LOAD MORE

Learn more about Continuiti Solutions, a TPRA Incubator Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Continuiti Solutions TPRM Services Incubator Member CONTACT INFORMATION Contact@ContinuitiSolutions.com Chris@ContinuitiSolutions.com Patrick@ContinuitiSolutions.com Continuiti Solutions is a Third-Party Risk Management services firm dedicated to helping small and mid-sized organizations meet regulatory expectations without the burden of costly software or internal compliance teams. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Custom Vendor Intake Forms – Tailored intake workflows that capture key details to assess inherent risk and vendor criticality. Risk Tiering & Scoring – Automated and analyst-reviewed classification of vendors based on data sensitivity, operational impact, and regulatory exposure. Analyst-Led Due Diligence – Experienced risk professionals review and validate SOC reports, financials, security documentation, and compliance evidence. Audit-Ready Documentation – Organized and exportable documentation that aligns with SOC 2, GLBA, FFIEC, and other regulatory frameworks. Custom-Built Client Portal – A proprietary portal where clients can submit vendors, track assessments, view reports, and communicate with analysts in real-time. Continuous Vendor Monitoring – Optional ongoing surveillance of high-risk vendors, including legal, financial, and cybersecurity-related alerts. Regulatory Alignment – Services designed to help organizations maintain compliance with regulatory bodies, audit standards, and third-party governance expectations. Scalable Pricing Model – Flexible service plans that scale with organizational growth, with pricing based on vendor count or flat-rate subscriptions. Dedicated Support & Collaboration – Direct access to compliance analysts and project leads throughout the vendor lifecycle for guidance and support. Workflow Automation with Human Oversight – Intelligent process automation paired with human review to ensure both efficiency and depth in risk evaluation. RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn more about Continuity Strength, a TPRA Incubator Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Continuity Strength TPRM Platform Incubator Member CONTACT INFORMATION info@ContinuityStrength.com Continuity Strength helps TPRM practitioners and vendor managers strengthen third-party resilience with greater speed, consistency, and confidence. Built by risk and continuity professionals, the platform brings together critical elements of vendor oversight - assessment, monitoring, and continuity readiness - into one streamlined experience. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Third-Party Assessment: Supports structured evaluation of vendor resilience and operational preparedness. Ongoing Oversight: Delivers continuous visibility into evolving third-party risk across portfolios. Continuity Readiness: Helps vendors demonstrate the ability to recover and maintain operations under stress. Cyber Resilience Insight: Offers visibility into external risk indicators to strengthen vendor assurance. Resilience Scoring: Quantifies and compares resilience across vendors and business networks. Portfolio Intelligence: Consolidates vendor data into executive-level and regulatory-ready reporting. Improvement Guidance: Highlights practical steps to address vulnerabilities and strengthen posture. Plan Lifecycle Management: Keeps continuity documentation current and aligned with organizational needs. Practitioner Enablement: Expands the reach and impact of internal or advisory TPRM teams. Compliance Alignment: Provides defensible evidence to support audit, regulatory, and insurance requirements. RESOURCES FROM THIS VENDOR MEMBER Podcast: SMB Resilience and lessons for larger organizations VENDOR MEMBER RESOURCE | September 10, 2025 Why SMB Vendors Are the Blind Spot in TPRM VENDOR MEMBER RESOURCE | August 26, 2025 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Vendor Assessment and Monitoring Survey SURVEY TPRA members are invited to take a 3-minute survey on how teams run vendor risk assessments and ongoing monitoring, including the use of annual attestations, external signals, dashboards, and board-ready reporting. Responses are anonymous, and participants will receive an anonymized one-page benchmark snapshot next month to support planning and stakeholder updates. Previous Next

TPRM Service Provider start-ups are invited to join the TPRA as Incubator Members! Apply now! TPRA Incubator Program Welcome to the TPRA Incubator Program, created to be a catalyst for transformative innovation in third party risk management (TPRM) Read More Inquire About Membership About Mission Empower and accelerate the success of innovative third party risk management startups through a comprehensive incubator program. We strive to foster a collaborative ecosystem that provides mentorship, resources, and networking opportunities, enabling startups to navigate challenges, develop cutting-edge solutions, and establish a robust presence in the evolving landscape of risk management. Vision To be a catalyst for transformative innovation in third party risk management, fostering a dynamic ecosystem where startups thrive in pioneering solutions that redefine industry standards. We aspire to build a global community of resilient and adaptive risk management leaders who contribute to a secure and trustworthy business environment. Through our incubator program, we envision a future where emerging startups play a pivotal role in shaping the evolution of risk management practices, driving sustainability, and ensuring resilience in an ever-changing landscape. Transforming the Industry Together Incubator Participants Who Can Participate Inquire About Membership Innovative Third Party Risk Management Startups Only start-up organizations within the Third Party Risk Management space Start-up must be five years old or less and/or within the pre-seed, seed, or early stage (Series A and Series B) Start-ups must not bring in more than $500,000 of revenue annually from product/service offerings Must complete an application and potentially an interview Must provide evidence of the revenue the organization generates from products/services within their last and/or current financial year TPRA retains the right to deny any organization and/or individual entry into the Incubator Program for any reason Goals & Activities The goals and activities of the Incubator Program are to assist with removing roadblocks within the community to allow for better communication, tighten feedback loops to ensure community needs are addressed, and to be a catalyst for innovation within the community. The program will also allow for a common lexicon when speaking about TPRM programs and the value they bring to organizations. Below are the goals and activities related to the TPRA’s Innovator Program: 1 TPRA Vendor Membership Receive “Incubator Status” Vendor Membership based on the Program Tier structure below. Would receive all of the benefits of an “Advocate” Member. Benefits include: Orientation & On-boarding Three website accounts Quarterly updates Invitations to practitioner meetings Website Access Service Provider Profile LinkedIn Welcome Message Share your resources, events, surveys, & job openings with TPRA members Newsletter Spotlight & Links to Blogs Write blogs for TPRA 3 Access to Resources Share TPRA resources, webinars, and training opportunities. TPRA will create a website to share external resources for Incubator Program members only (to include company names and URLs for investment firms, other incubator programs, and other start-up accelerators). 5 Training & Skill Development Incubator participants may attend TPRA webinars, events, and activities on the website to enhance TPRM skill development. 7 Lead Generation Opportunities TPRA to provide incubator participants with discounts on conference sponsorships and demo opportunities. Sponsorships come with opt-in lists. TPRA to create a site for Practitioners to submit RFPs for TPRM tools and for incubator participants (as well as TPRA Vendor Members) to respond to them. 9 Feedback & Improvement of Incubator Program From time to time, participants will receive surveys that request feedback on the Incubator Program. Responses will be used to continually enhance the program. 2 Start-Up Advisory Council Set up regular 1:1 meetings (most likely quarterly) with select practitioners (based on industry and company size) to provide program participants with feedback on their products/services. This can also assist with the incubator program participant figuring out their product market fit, target market, and product/service pitch. Can also assist with the participant better understanding if they are addressing their market’s TPRM pain points. TPRA to create a site for Practitioners to note TPRM pain points and/or note request for innovation. (Note: Can have the community vote on what they would like to see the most.) Incubator Participants would be able to access this list. 4 Network Opportunities TPRA will create network opportunities to introduce incubator program participants other program participants, practitioners, and other service providers. 6 Brand Awareness TPRA to note the incubator participant’s organization on the TPRA website (within Service Provider Profile), highlight the organization on LinkedIn, and note the organization as a spotlight within one of the TPRA’s quarterly newsletters. 8 Collaboration on Additional Resources In collaboration with TPRA, may participate in educational trainings, research, & content creation (such as blog posts, whitepapers, & videos). Inquire About Membership Heather Kadavy Senior Membership Success Coordinator heather.kadavy@tprassociation.org Follow on LinkedIn > TPRM Service Provider Membership Inquiry Complete this form if you are interested in one of TPRA's Service Provider Membership options (Vendor Membership, Incubator Program, Consultant Catalyst). Our team will reach out to you as soon as possible with further details on plan benefits and pricing. First name* Last name* Job Title* Organization* Email* Phone Which membership option are you interested in? Vendor Membership – For established TPRM Service Provider organizations (TPRM Platform, GRC Platform, Risk Rating/Intelligence Tool, TPRM Services, etc.). Incubator Program – For Start-Up TPRM Service Provider Organizations looking to gain insight, support, and promotion. Consultant Catalyst – For single, Independent Consultants or Boutique Advisory Firms specializing in third-party risk management services. Other Anything else we should know? Submit

Learn more about Vanta, a TPRA Advocate Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Vanta GRC Platform Advocate Member CONTACT INFORMATION Adrian Conley Director, Specialty Sales adrian.conley@vanta.com Vanta accelerates every step of vendor due diligence, automating evidence collection, pre-filling questionnaires, and highlighting the most critical risks. Customers see up to a 50% reduction in time to complete risk assessments and a 3× faster time to findings, allowing teams to identify and remediate issues far more efficiently. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Vanta is the leading trust management platform, helping organizations simplify, centralize, and automate their security, compliance, and third-party risk programs. By unifying Trust Center, GRC, Security Questionnaire Automation, and Third-Party Risk Management (TPRM) into one platform, Vanta enables organizations to build and demonstrate trust in real time. Third-Party Risk Management – Automate vendor reviews with AI-powered evidence collection, risk flagging, and renewal comparisons. Governance, Risk & Compliance (GRC) – Centralize frameworks and automate controls for SOC 2, ISO 27001, HIPAA, GDPR, and more. Trust Center – Publicly share your real-time security posture through an auto-updating, customizable trust portal. Security Questionnaire Automation – Enable instant, AI-assisted pre-filling and review of vendor questionnaires. Continuous Monitoring & Alerts – Maintain compliance through live monitoring of your infrastructure, vendors, and cloud stack. Framework & Standards Integration – Map once, comply everywhere: crosswalk controls across 20+ frameworks. Reporting & Analytics – Measure and visualize compliance, vendor performance, and remediation velocity. Remediation & Collaboration – Assign follow-ups, close findings faster, and track progress across teams. RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn more about Halo Ai, a TPRA Incubator Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Halo Ai Risk Ratings/Intelligence Incubator Member CONTACT INFORMATION Halo Ai is a next-generation, AI-native third-party risk intelligence company redefining how organizations manage and monitor their third-party portfolios. By combining autonomous risk assessments, real-time analytics, and continuous 24/7 supplier monitoring, Halo Ai delivers a radically faster and more reliable way to surface and mitigate risk. Its platform enables enterprises to radically reduce due diligence cycle times from months to minutes while maintaining the highest standards of accuracy, transparency, and regulatory alignment. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Autonomous Risk Intelligence Real-Time Autonomous Risk Assessments Instantly generates comprehensive risk assessments using AI-driven mapping to 25+ global frameworks (ISO, NIST, DORA, SOC 2, GDPR, etc.), replacing months of manual work with minutes of autonomous output. Dynamic, Multi-Domain Risk Scoring Leverages machine learning and Halo Ai’s multi-layer validation engine to deliver contextualized, real-time scores across cyber, operational, financial, ESG, regulatory, reputational, and geopolitical domains. Continuous Monitoring with Change Detection Provides 24/7 live monitoring of vendors and their fourth parties—automatically flagging risk changes such as breaches, sanctions, lawsuits, bankruptcies, or ESG violations. Connected Intelligence & Predictive Insight Federated Risk Intelligence Lake Correlates 500+ data signals across private, public, regulatory, adverse media, and proprietary sources—creating a unified vendor risk graph of 430M+ companies globally. Show More RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES Halo Ai Award: Spend Matters, Future 5 November 7, 2024 ADDITIONAL OPPORTUNITIES Previous Next

Learn more about Securis360 Inc., a TPRA Incubator Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Securis360 Inc. TPRM Services Incubator Member CONTACT INFORMATION Harsh Kashiparekh +1 (619) 559-3838 Securis360 Inc. is a boutique cybersecurity and data privacy compliance managament consulting firm based in Pittsburgh, PA, founded by Mr. Harsh who used to work at PwC in New York and holds a CISA certification. Our India office head Mr. Nisarg Trivedi was heading the EY practice in Ahmedabad for over7 years. Our expertise lies in SOC1/SOC2, ISO27001, GDPR, HIPAA, HITRUST, CCPA as well as Pentest, Cloud Security, Devops etc. TOP PRODUCT FUNCTIONALITY CATEGORIES GRC SOC2 ISO27001 GDPR HIPAA TPRM RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn more about Exiger, a TPRA Partner Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Exiger TPRM Platform Partner Member CONTACT INFORMATION contact@exiger.com Request a Demo 🏆 TPRA's 2024 TPRM Service Provider Innovator Award Winner Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers through its software and tech-enabled solutions. Exiger’s mission is to make the world a safer and more transparent place to succeed. Empowering its 550 customers across the globe, including 150 in the Fortune 500 and over 55 organizations across the Defense Industrial Base and government agencies, with award-winning AI technology, Exiger leads the way in ESG, cyber, financial crime, third-party and supply chain management. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Proactive Intelligence Continuous Monitoring Sanction Screen and Adverse Media Monitoring Third Party Due Diligence Seamless Onboarding Real-time Risk Rating Dynamic Dashboarding Integrated Premium Data Sources and Proprietary Watchlists ESG Risk Supply Chain Risk RESOURCES FROM THIS VENDOR MEMBER Modern Slavery: Supply Chain Lessons Learned Since the UFLPA Was Enacted VENDOR MEMBER RESOURCE | October 9, 2023 Taking a Closer Look at Three Major Risks to Cotton Sourcing | Blog | Exiger VENDOR MEMBER RESOURCE | October 9, 2023 Streamlining Software Security: Harnessing the Power of SBOM with Supply Chain Visibility VENDOR MEMBER RESOURCE | October 9, 2023 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES Exiger Wins Government-Wide $919 Million GSA Supply Chain Risk Illumination Award April 10, 2025 Exiger has been honored on Fast Company's annual Brands That Matter list – for the second consecutive year December 10, 2024 Exiger Acquires aDolus to Enhance Software Supply Chain Visibility in Increased Cyber Threat Environment July 30, 2024 Exiger Receives 2024 Innovator Award from Third Party Risk Association April 11, 2024 ADDITIONAL OPPORTUNITIES Previous Next

Learn more about RiskRecon by Mastercard, a TPRA Champion Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > RiskRecon by Mastercard Risk Ratings/Intelligence Champion Member CONTACT INFORMATION Jonathan Ehret VP of Strategy & Risk jonathan.ehret@riskrecon.com www.riskrecon.com Organizations now largely entrust third parties with their most sensitive data and operational functions. To help safeguard your digital ecosystem from third-party risk, you need simple, real-time visibility of third-party partners’ cyber performance. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Risk assessment Risk Review & Scoring Continuous Monitoring Third-Party Risk Management Supply Chain Risk Management Enterprise Risk Management Unique Custom Risk Prioritization Efficiently Streamlined Risk Management Program Risk Performance Insight Manage Critical Vulnerabilities RESOURCES FROM THIS VENDOR MEMBER 3 Critical Ransomware Lessons for TPRM Professionals VENDOR MEMBER RESOURCE | May 20, 2024 Five Lessons Learned from Over 1000 Ransomware Attacks VENDOR MEMBER RESOURCE | September 11, 2023 Risk Management Insights from 10 Years of Breach Event Monitoring | Whitepaper | RiskRecon VENDOR MEMBER RESOURCE | September 11, 2023 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn more about DocuBark, a TPRA Incubator Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > DocuBark TPRM Platform Incubator Member CONTACT INFORMATION Jonathan Mandell CEO & Founder jonathan@docubark.com DocuBark is a TPRM workflow automation and risk analysis platform built to replace legacy, rigid systems with a faster, more transparent approach. When teams log in, they get a clear view of every vendor assessment - what’s in progress, what’s complete, and what’s holding things up. DocuBark analyzes vendor documents, supports FAIR-based residual risk scoring, and offers features like smart intake forms and dynamic inherent risk scoring to reduce manual effort and improve decision-making across the third-party risk lifecycle. TOP PRODUCT FUNCTIONALITY CATEGORIES Document Intelligence & Parsing: Automatically extract and structure data from vendor documents (e.g., SOC 2, SIG, CAIQ), enabling faster, more accurate due diligence. Control Summarization & Mapping: Generate clear summaries of vendor security controls and map them directly to your questionnaires, frameworks, or scoring rubrics. FAIR-Based Residual Risk Analysis: Quantify residual risk in financial terms using FAIR methodology, factoring in inherent risk, control strength, and business impact. Smart Intake Forms: Guide business requesters through risk-relevant questions during intake, dynamically adjusting based on the vendor’s role, data access, and system integration. Dynamically Built Assessments Based on Vendor Scope: Automatically generate tailored security assessments based on each vendor’s risk profile, services, and technology footprint—reducing noise and focusing on what matters. RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next