top of page

TPRM Service Provider Profiles

What are TPRM Service Provider Profiles?

TPRM Service Provider Profiles are specific to TPRA Vendor Members and provide organizations with descriptive and concise snapshots of individual service provider capabilities and information. These profiles assist with understanding and evaluating service provider capabilities to make product/service decisions and aid in fostering communication and connection between organizations. 

  • Onboarding and Transactional Enablement

  • Enhanced Due Diligence

  • Intake & Scope

  • Engagement-level Risk Assessment

  • Risk Management Lifecycle

  • Termination & Off-boarding

  • Continuous Monitoring & Management

  • Contract Management

  • Supplier Performance Management

  • Issue Management and Remediation

Aravo strives to make the enterprise more responsible, sustainable and ultimately more profitable. Our customers work with us to mitigate risk across their extended enterprise leveraging Aravo’s industry leading TPRM platform, portfolio of 30+ risk applications, and best practice frameworks. Enterprise teams responsible for ensuring suppliers, vendors, partners, and other third parties meet risk and regulatory requirements have Aravo as a trusted technology and business partner who understands their needs for risk visibility, management and mitigation.

Aravo’s solutions incorporate over 22 years of working experience with global brands, over 10 verticals to deliver program expertise, unified visibility and operational agility for our customers’ TPRM initiatives. Our team works to help manage risk and promote integrity for our customers so they can:

  • Avoid financial and brand liability

  • Focus on growing revenue

  • Save money through process and resource efficiencies


Dave Rusher

Chief Sales Officer

Watch Video

  • Cyber Risk Intelligence

  • Third Party/Supply Chain Risk Management

  • Continuous Monitoring

  • Financial Risk Quantification

  • Ransomware Risk Assessment

  • Automated Compliance Mapping

  • Vendor Risk Mitigation (with Prioritization)

  • Vulnerability Assessment

  • Threat Intelligence

  • Standards-Based Methodology

Black Kite gives companies a comprehensive, real-time view into cyber ecosystem risk so they can make informed risk decisions and improve business resilience while continuously monitoring more vendors, partners and suppliers in an ever changing digital landscape.

Through an automated process, and a combination of threat, business and risk information, Black Kite provides cyber risk intelligence that goes beyond a simple risk score or rating.  Black Kite serves more than 1,000 customers in a wide range of industries and has received numerous industry awards and recognition from customers.

Learn more at or on the Black Kite blog.


Johnathan Bald

VP of of Sales, North America

Watch Video

  • Vendor risk assessment exchange 

  • Tech-enabled managed services 

  • Rapid validated assessments 

  • Dashboard & BI reporting 

  • Full vendor portfolio coverage 

  • Workflow automation 

  • Remediation services 

  • Product and environment-specific assessments 

  • Integration with leading VRM technology providers 

  • Healthcare vendor risk management

CORL is a leading provider of tech-enabled managed services for vendor risk management and compliance for healthcare organizations. CORL gets results by scaling organizational and vendor risk management programs through our healthcare vendor clearinghouse, dashboard reporting that business owners can understand, and proven workflows that drive the organization to measurable risk reduction.


We have assessed over 80,000 healthcare vendors and validated their security posture. Our vendor risk clearinghouse platform allows the rapid sharing and reuse of assessment results across healthcare organizations. Our tech-enabled managed service completes your vendor risk assessments, validates assessment responses, and follows through with vendors until they remediate known critical gaps.


CORL’s unique combination of data, automation, workflow, process, and technology expedites the vendor risk assessment process and delivers what the business needs most: Speed.


Jay Stewart

Vice President of Sales

  • Third Party & Supply Chain Risk Management and Monitoring, with risk coverage across:

  • Cyber

  • Environmental, Social, Governance (ESG)

  • Reputational, Criminal, Regulatory

  • Modern Slavery

  • Operational Risk

  • Foreign Ownership, Control and Influence

  • Financial Health

  • Sanctions/Watchlist Screening

  • Corporate Ownership Unwrapping

  • Automated Due Diligence and Monitoring

  • Full Spectrum Due Diligence

  • Supply Chain Illumination & Risk Assessment

  • Risk Management Advisory

Exiger is revolutionizing the way corporations, government agencies and banks manage risk through its combination of technology-enabled and SaaS solutions. In recognition of the growing volume and complexity of data and regulation, Exiger is committed to creating a more sustainable risk and compliance environment through its holistic and innovative approach to problem solving. Exiger’s mission to make the world a safer place to do business drives its award-winning AI technology platform built to anticipate the market’s most pressing needs related to evolving ESG, cyber, regulatory/sanctions, third-party and supply chain risk.

Exiger is the leading global SaaS risk management company delivering machine learning and data analytics capabilities to solve end-to-end third party, supply chain, and market intelligence challenges. Exiger’s innovative solution provides automated third party criticality assessments, due diligence, workflow tasks and entity specific risk events that aggregate into a portfolio risk exposure for a full risk view of an entity.

Exiger has been consistently recognized as a leader in the TPRM, SCRM and Risk Management Software markets, winning over 30 AI, RegTech and Supply Chain partner awards.  Learn more at and Follow Exiger on LinkedIn.


Dan Banes

Global Head of Commercial Markets


Watch Video

  • Cybersecurity Self-Assessment

  • Third Party Risk Management

  • Insurance Underwriting

  • Summary reports for C-Suite and board level visibility

  • Score improvement scenarios

  • Benchmark security performance of third-party relationships

  • Custom dashboard monitoring critical data driving your cyber risk score

  • Unlimited access to vendor scores

  • Historical security data trends

  • Patented Supervised Machine Learning model trained to identify and use signal sources with high predictive value

The ISS Cyber Risk Score provides an empirical, proactive indicator of cyber security risk that allows organizations to better understand their own cyber resilience as well as the security posture of their vendors. Advanced machine learning based analytics, distill raw cyber intelligence into a concise actionable metric for vendor management. ISS Cyber Risk Score for Enterprise allows organizations to view their cyber risk management programs through a single lens that presents their own information as well as information regarding their vendors.

  • Enterprise risk management

  • Third-party vendor management

  • Regulatory compliance management and change management

  • Lending compliance, including fair lending analytics

  • Automated findings management

  • Business continuity planning & testing

  • Audit & compliance reviews management

  • Virtual employee engagement

  • Risk performance management

  • Vendor cybersecurity monitoring

Ncontracts’ powerful suite combines risk, compliance, vendor, and findings management solutions to drive efficiency and build a risk management culture resulting in smarter, faster decisions.

Ncontracts provides solutions to a rapidly expanding customer base of over 4,000 financial institutions in the United States. We help financial institutions achieve their compliance and risk management goals with a powerful combination of user-friendly cloud-based software and expert services. The company was named to the Inc. 5000 fastest-growing private companies in America for the fourth consecutive year. For more information, visit or follow the company on LinkedIn and Twitter.


Rashida Holmes

SVP, Partnerships & Outreach

Request a Demo

Watch Video

  • Risk Assessments and Mitigation

  • Vendor Evaluation and Automated Onboarding

  • Risk Analytics and Control Gaps Report on Thousands of Vendors

  • Ongoing Monitoring and Risk Alerts

  • Auto Inherent Risk Insights to Prioritize Vendors

  • Built-in Cyber Risk & ESG Ratings

  • Vendor Scorecards and Comparison

  • Audit-Ready Reporting and Dashboards

  • Automated Workflows to Increase Collaboration

As society redefines risk and opportunity, OneTrust empowers tomorrow’s leaders to succeed through trust and impact with the Trust Intelligence Platform. The market-defining Trust Intelligence Platform from OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture by unlocking their value and potential to thrive by doing what’s good for people and the planet.

Learn more at


Jason Sabourin

Senior Director, Third-Party Risk

Want to learn more? Watch this video!

  • Vendor Onboarding

  • Sourcing RFx

  • Inherent Risk Scoring & Vendor Classification

  • Vendor Due Diligence & Ongoing Monitoring

  • Vendor Risk Assessments

  • SLAs & Vendor Performance Management

  • Vendor Contract Management

  • Vendor Issue Management

  • On-Site Vendor Control Assessments

  • Cyber Ratings, Financial Health Scores & ESG Ratings

ProcessUnity Vendor Risk Management protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination.  Through automation and standardization, ProcessUnity customers reduce busy work, streamline regulatory reporting and improve overall visibility into vendor performance.

ProcessUnity is used by the world’s leading financial service firms and commercial enterprises.  The company is headquartered outside Boston, Massachusetts. For more information, visit


Sophia Corsetti

Marketing Communications Specialist


  • Managed services for due diligence

  • Vendor risk assessments (onsite or remote)

  • Third-party risk management program audit/assessment

  • Third-party risk management program building

  • Dashboarding and analytics

  • Cyber resiliency

  • Advisory services

  • Regulatory guidance related to third-party relationships

  • Access to subject matter resources across risk topics

  • Specialized vendor audits

RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment. RSM US LLP is the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with 48,000 people across 120 countries. For more information, visit, explore our third-party risk management services, like us on Facebook, follow us on Twitter and/or connect with us on LinkedIn.

  • In-depth financial analysis of global public and private companies

  • Global financial data and private company ratings sourced from over 150 countries. 

  • Risk Assessment, TPRM, supply chain management

  • Predictive analytics, with a 90% accuracy rate

  • Financial Reports that are easily digestible, accessible, and shareable

  • Vetting, onboarding new suppliers, and monitoring existing suppliers

  • Comprehensive Reporting Suite and predictive analytics 

  • API Integrations 

  • Configurable program/category dashboards

  • 73 ratios for a quantitative analysis on core health and financial resiliency

RapidRatings sets the standard for financial health transparency between business partners, transforming the way leading companies manage enterprise and financial risk. The company provides the most sophisticated analysis of the financial health of public and private companies from over 140 countries worldwide.  RapidRatings primary sources private company vendor financial statements directly on behalf of our customers.

Through RapidRatings’ FHR Exchange, an innovative and secure membership platform, businesses can build more meaningful relationships and gain visibility into the financial stability of global suppliers, vendors, and other third parties.

For more info, visit: Third-Party & Vendor Risk Management │RapidRatings


Eric Evans

Managing Director,  Partnerships & Alliances

Watch Video

  • Risk assessment

  • Risk Review & Scoring

  • Continous Monitoring

  • Third-Party Risk Management

  • Supply Chain Risk Management

  • Enterprise Risk Management

  • Unique Custom Risk Prioritization

  • Efficiently Streamlined Risk Management Program

  • Risk Performance Insight

  • Manage Critical Vulnerabilities

RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution delivering risk-prioritized action plans customized to match your risk priorities, providing the easiest path to understanding and acting on third-party cyber risk. With RiskRecon, you can build a scalable, third-party risk management program and realize dramatically better outcomes. Learn more about RiskRecon and request a demo at


Jonathan Ehret

VP of Strategy & Risk

Watch Video

  • TPRM Outsourced/Co-sourced Assessor Services

  • TPRM Ad-Hoc Review Services

  • TPRM Program Maturity Assessment

  • TPRM Program Implementation, Development, and Support

  • TPRM Officer-as-a-Service

  • Compliance Assessment and Consulting Services

  • Cybersecurity Services

  • Analytics, Automation, and Digital Transformation Consulting Services

  • Internal Audit Outsourced/Co-sourced Services

  • ESG Assessment and Consulting Services

Understanding how to identify and manage the risks presented by third party providers is vital for any business. Schneider Downs' Third Party Risk Management (TPRM) team has the expertise, credentials and tools to help build, implement, recalibrate, and manage a world-class TPRM program.

Our extensive Risk Advisory Team of 120+ professionals work across all industries, with organizations of all sizes, in building and executing their TPRM program, from Global Systemically Important Banks (G-SIBs) to 10-person startups.

TPRM tools and solutions have been a welcome advancement to the industry. However, our people provide the macro perspective and experience to right-size tools and solutions to the unique needs and risk tolerances of each institution.

Our teams provide qualified and certified human resources to perform accurate and efficient due diligence of third parties and enable business leaders to make sound business decisions.



Senior Manager – IT Risk Advisory

Learn more here:

TPRM Services

IT Risk Advisory Services

SOC Practice Overview

Cybersecurity Services 


Full-spectrum supplier risk intelligence with coverage for the following risk domains:

  • Financial Risk

  • Cyber Risk

  • SG Risk

  • Compliance Risk

  • Operations Risk

  • Nth Parties

  • Locations

Accessible as real-time and continuous full-spectrum risk monitoring for suppliers and locations, comprehensive one-time risk reports, or instant risk scans.

Supply Wisdom is how companies can finally stay ahead of supply chain disruptions. With today’s dynamic risk landscape, companies face endless unknowns in their supply chains and limited resources to act on them. From natural disasters and compliance issues to bankruptcies and cyber vulnerabilities, companies lacked a clear picture of all risks and the resources necessary for effective action.

Now Supply Wisdom’s always-on monitoring solution provides the most comprehensive real-time risk intelligence and triggers automated risk actions, so companies always have a clear picture of all risks and an efficient solution for swift mitigation. Now it’s all clear.

For more information, visit our website and follow us on LinkedIn.


Mike Mitchell

Head of Global Marketing

Supply Wisdom

  • Third Party Risk Management and Onboarding

  • End-to-End Workflow Management

  • Configurable Risk Model / Risk Segmentation

  • Nth Party Relationship Management

  • Third Party Risk Screening & Monitoring (Sanctions, Watchlists, PEPs, Adverse Media)

  • Programmatic Due Diligence

  • Diligence Ordering

  • Escalation to Enhanced Due Diligence and Investigations

  • Additional Features for Specific Sectors:  MedTech, Energy, Manufacturing, Private Equity

  • Configurable to Client Needs

TDI is a strategic advisory and risk intelligence firm that helps multinational organizations more effectively manage commercial, regulatory, and reputational risk. We deliver a decisive information advantage to our clients through advisory services, due diligence and investigations, and our flagship product, TDI Diligence Suite, which dramatically increases efficiency and provides clients with critical insights.

TDI Diligence Suite is an enterprise, third-party onboarding and management SaaS system that is specifically designed to help you manage third-party risk. Our platform empowers businesses to unlock accuracy and efficiency with automated third-party onboarding, assessments, due diligence, approvals, and monitoring. TDIDiligence Suite also creates an auditable record of the entire process, provides valuable and easy-to-understand insight into your enterprise risk, and addresses data privacy requirements to provide a clear picture of your entire risk management process.


Tiffany King, J.D.
Senior Director

Watch Video

  • Vendor management assessments

  • Policy and procedure development

  • Resource planning and staffing support

  • Change management support

  • Control testing & continuous process improvement

  • Value creation through cost reduction, performance improvement and risk mitigation initiatives

  • Technology planning and requirements development

  • Software RFP management

  • Software transition planning, implementation support and metrics/report development

  • Data governance and enrichment

Vendor Centric is a full-service vendor management consultancy that specializes in the three operational pillars of vendor lifecycle management:

Vendor Centric provides the framework and a full suite of vendor management consulting and technology services, that help organizations turn their vendor management vision into measurable value.

Want to learn more – here are a few short videos

Would it be worth 15-minutes to discuss ways Vendor Centric can help your company save money and reduce risk with vendors who might negatively impact your operations? Book a Meeting


Paul Schrantz

Director, Business Development & Alliances


Book a Meeting

Get to Know Vendor Centric

  • Onboarding, Ongoing Management, Offboarding

  • Outsourced Due Diligence

  • Risk Assessments

  • Questionnaires

  • Contract Management

  • Oversight Management & Automation

  • Cross-Domain Continuous Monitoring

  • SLA Management

  • Issue Management

  • Reports & Dashboards

Venminder offers a world-class SaaS platform that guides and streamlines third-party risk management. Today, more than 1,200 customers globally use Venminder to manage the entire end-to-end vendor lifecycle, from onboarding new vendors to ongoing management to offboarding vendors.

Venminder has mastered the art of combining technology with the human experience. This expertise empowers their platform to enable customers to manage vendors, contracts, due diligence tasks, questionnaires, risk assessments, and monitoring. Completed assessments on vendor controls can be ordered through their Vendiligence™ service to reduce due diligence review workloads and include thorough assessments of a vendor’s information security, SOC reports, contracts, financials, business continuity/disaster recovery, and more.

For continuous vendor monitoring, Venmonitor™ provides intelligence for better risk-based decisions. It brings the industry’s best risk intelligence data into one central location, allowing you to screen vendor or supplier performance across multiple risk domains, including cybersecurity, ESG, privacy, Know Your Vendor, business health and credit risk, and adverse media.

For more information, visit or follow Venminder on LinkedIn, Twitter and Facebook.


Jim Ciortan

Chief Sales Officer

bottom of page