top of page

TPRM Service Provider Profiles

What are TPRM Service Provider Profiles?

TPRM Service Provider Profiles are specific to TPRA Vendor Members and provide organizations with descriptive and concise snapshots of individual service provider capabilities and information. These profiles assist with understanding and evaluating service provider capabilities to make product/service decisions and aid in fostering communication and connection between organizations. 

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Onboarding and Transactional Enablement

  • Enhanced Due Diligence

  • Intake & Scope

  • Engagement-level Risk Assessment

  • Risk Management Lifecycle

  • Termination & Off-boarding

  • Continuous Monitoring & Management

  • Contract Management

  • Supplier Performance Management

  • Issue Management and Remediation

aravo logo, red background with white text

Aravo strives to make the enterprise more responsible, sustainable and ultimately more profitable. Our customers work with us to mitigate risk across their extended enterprise leveraging Aravo’s industry leading TPRM platform, portfolio of 30+ risk applications, and best practice frameworks. Enterprise teams responsible for ensuring suppliers, vendors, partners, and other third parties meet risk and regulatory requirements have Aravo as a trusted technology and business partner who understands their needs for risk visibility, management and mitigation.


Aravo’s solutions incorporate over 22 years of working experience with global brands, over 10 verticals to deliver program expertise, unified visibility and operational agility for our customers’ TPRM initiatives. Our team works to help manage risk and promote integrity for our customers so they can:

  • Avoid financial and brand liability

  • Focus on growing revenue

  • Save money through process and resource efficiencies

CONTACT INFORMATION

Dave Rusher

Chief Sales Officer

info@aravo.com

https://aravo.com/


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Cyber Risk Intelligence

  • Third Party/Supply Chain Risk Management

  • Continuous Monitoring

  • Financial Risk Quantification

  • Ransomware Risk Assessment

  • Automated Compliance Mapping

  • Vendor Risk Mitigation (with Prioritization)

  • Vulnerability Assessment

  • Threat Intelligence

  • Standards-Based Methodology

aravo logo, red background with white text

Black Kite gives companies a comprehensive, real-time view into cyber ecosystem risk so they can make informed risk decisions and improve business resilience while continuously monitoring more vendors, partners and suppliers in an ever changing digital landscape.


Through an automated process, and a combination of threat, business and risk information, Black Kite provides cyber risk intelligence that goes beyond a simple risk score or rating.  Black Kite serves more than 1,000 customers in a wide range of industries and has received numerous industry awards and recognition from customers.


Learn more at www.blackkite.com or on the Black Kite blog.

CONTACT INFORMATION

Johnathan Bald

VP of of Sales, North America

johnathan.bald@blackkite.com

https://blackkite.com/


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • AI Workflow Automation

  • AI Vendor Outreach

  • AI Risk Assessment Reviews

  • AI Document Reviews

  • False Positive Alert Filtering

  • Enhanced Vendor Due Diligence

  • Real-time Continuous Monitoring

  • SLA Monitoring & Reporting

  • Issue Management

  • Reports & Dashboards

aravo logo, red background with white text

Coverbase is your mission control for automating and managing third-party risk management workflows.


TPRM teams are constantly under water because of highly manual and time-consuming processes that don't accurately assess a company's risk exposure due to vendors. We help TPRM teams automate workflows so they can stay ahead of problems instead of spending all their time keeping up with risk assessments and vendor reviews.


Using Coverbase is akin to having an AI analyst on your TPRM team that automatically processes and keeps a constant eye on these data sources to help your team direct your time more effectively:

  • Unstructured documents obtained directly from vendors: SOC 2, penetration test reports, security audit results, API documents

  • Industry-leading third-party data sources: AlCybersecurity, Privacy, ESG, Financial, Adverse Media, and Know Your Business data

  • Anonymized risk assessment issues, findings, and reports from the broader Coverbase network of vendors

Coverbase allows TPRM leaders to build customized reassessment triggers based on time or risk conditions, and your AI team member automatically emails vendors to initiate the assessment, does a first-pass on submissions, then submits a risk report to you once ready.


Want to supercharge your TPRM function? Contact us to try Coverbase out.


(Coverbase connects to your existing TPRM solutions and does not require a full replacement of platforms you already have in place.)

CONTACT INFORMATION

Clarence Chio

CEO

sales@coverbase.ai

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Third Party & Supply Chain Risk Management and Monitoring, with risk coverage across:

  • Cyber

  • Environmental, Social, Governance (ESG)

  • Reputational, Criminal, Regulatory

  • Modern Slavery

  • Operational Risk

  • Foreign Ownership, Control and Influence

  • Financial Health

  • Sanctions/Watchlist Screening

  • Corporate Ownership Unwrapping

  • Automated Due Diligence and Monitoring

  • Full Spectrum Due Diligence

  • Supply Chain Illumination & Risk Assessment

  • Risk Management Advisory

aravo logo, red background with white text

Exiger is revolutionizing the way corporations, government agencies and banks manage risk through its combination of technology-enabled and SaaS solutions. In recognition of the growing volume and complexity of data and regulation, Exiger is committed to creating a more sustainable risk and compliance environment through its holistic and innovative approach to problem solving. Exiger’s mission to make the world a safer place to do business drives its award-winning AI technology platform built to anticipate the market’s most pressing needs related to evolving ESG, cyber, regulatory/sanctions, third-party and supply chain risk.


Exiger is the leading global SaaS risk management company delivering machine learning and data analytics capabilities to solve end-to-end third party, supply chain, and market intelligence challenges. Exiger’s innovative solution provides automated third party criticality assessments, due diligence, workflow tasks and entity specific risk events that aggregate into a portfolio risk exposure for a full risk view of an entity.

Exiger has been consistently recognized as a leader in the TPRM, SCRM and Risk Management Software markets, winning over 30 AI, RegTech and Supply Chain partner awards.  Learn more at Exiger.com and Follow Exiger on LinkedIn.

CONTACT INFORMATION

Dan Banes

Global Head of Commercial Markets 
dbanes@exiger.com

212-455-9400


Watch Video



TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Topic-based working groups to collaborate with industry experts 

  • Cross-sector chatrooms for real-time collaboration and information sharing 

  • Information sharing portal All source and multi-sector alerts and reports 

  • Resilience focused analysis 

  • Event-driven Situational Awareness Dashboard 

  • Multi-sector Situational Awareness Reports 

  • Threat and resilience discussions and presentations 

  • Event-driven emergency member meetings 

  • Peer-to-peer collaboration and information exchange across the Global Resilience Federation ISAC/ISAO network 

  • Participation in exercises and development of the Operational Resilience Framework, security standards, and playbooks

aravo logo, red background with white text

GRF builds, develops and connects security information sharing communities for mutual defense. GRF, with nearly 20 years of experience, is a nonprofit provider and hub for cyber, supply chain, physical and geopolitical threat intelligence exchange between information sharing and analysis centers (ISACs), organizations (ISAOs) and computer emergency readiness/response teams (CERTs) from many different sectors and regions around the world. GRF will help your industry develop or enhance a trusted sharing community, obtain actionable intelligence, and support you in emergencies. That’s the power of Global Resilience Federation.


Global Resilience Federation is the evolution of 1998's U.S. Presidential Decision Directive 63 and 2003's Homeland Security Presidential Directive 7 which mandated that the public and private sectors share information about cyber and physical security threats and vulnerabilities to help protect critical infrastructure. GRF was launched in 2017 as a standalone company, from a former Financial Services Information Sharing and Analysis Center (FS-ISAC) division, to coordinate multi-industry sharing and stand-up new sharing communities to be incorporated into that voluntary sharing architecture.


That effort has expanded beyond the United States and critical infrastructure to encompass global organizations, essential industries, and supply chains. GRF members span five continents, working to protect industries deemed critical by most world governments, and others that are essential to the global economy.


As industry and threat actors both adapt, cross-sector sharing is a necessary progression in the security of our modern digital economy.


Business Resilience Council (BRC) | Discount for TPRA Members

The Business Resilience Council (BRC) is a nonprofit, multi-sector, collaborative defense community where members share actionable intelligence, security and resilience best practices and analyst-curated information to help reduce risk and negative impacts across all hazards – cyber, physical, geopolitical, terrorism, major weather events and more. Key working groups focus on operational resilience, disaster recovery, supply chain and third party risk, AI security, and cross-sector exercises.


TPRA Members are eligible to receive 10% off the first year of dues to the BRC. Information was sent via email. If interested, please email us at info@tprassociation.org

CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Cybersecurity Self-Assessment

  • Third Party Risk Management

  • Insurance Underwriting

  • Summary reports for C-Suite and board level visibility

  • Score improvement scenarios

  • Benchmark security performance of third-party relationships

  • Custom dashboard monitoring critical data driving your cyber risk score

  • Unlimited access to vendor scores

  • Historical security data trends

  • Patented Supervised Machine Learning model trained to identify and use signal sources with high predictive value

aravo logo, red background with white text

The ISS Cyber Risk Score provides an empirical, proactive indicator of cyber security risk that allows organizations to better understand their own cyber resilience as well as the security posture of their vendors. Advanced machine learning based analytics, distill raw cyber intelligence into a concise actionable metric for vendor management. ISS Cyber Risk Score for Enterprise allows organizations to view their cyber risk management programs through a single lens that presents their own information as well as information regarding their vendors.

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Enterprise risk management

  • Third-party vendor management

  • Regulatory compliance management and change management

  • Lending compliance, including fair lending analytics

  • Automated findings management

  • Business continuity planning & testing

  • Audit & compliance reviews management

  • Virtual employee engagement

  • Risk performance management

  • Vendor cybersecurity monitoring

aravo logo, red background with white text

Ncontracts’ powerful suite combines risk, compliance, vendor, and findings management solutions to drive efficiency and build a risk management culture resulting in smarter, faster decisions.


Ncontracts provides solutions to a rapidly expanding customer base of over 4,000 financial institutions in the United States. We help financial institutions achieve their compliance and risk management goals with a powerful combination of user-friendly cloud-based software and expert services. The company was named to the Inc. 5000 fastest-growing private companies in America for the fourth consecutive year. For more information, visit www.ncontracts.com or follow the company on LinkedIn and Twitter.

CONTACT INFORMATION

Rashida Holmes

SVP, Partnerships & Outreach

Rashida.Holmes@ncontracts.com


Request a Demo


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Risk Assessments and Mitigation

  • Vendor Evaluation and Automated Onboarding

  • Risk Analytics and Control Gaps Report on Thousands of Vendors

  • Ongoing Monitoring and Risk Alerts

  • Auto Inherent Risk Insights to Prioritize Vendors

  • Built-in Cyber Risk & ESG Ratings

  • Vendor Scorecards and Comparison

  • Audit-Ready Reporting and Dashboards

  • Automated Workflows to Increase Collaboration

aravo logo, red background with white text

OneTrust is the trust intelligence cloud platform organizations use to transform trust from an abstract concept into a measurable competitive advantage. Organizations globally use OneTrust to enable the responsible use of data while protecting the privacy rights of individuals, implement and report on their cyber security program, make their social impact goals a reality, and create a speak up culture of trust. More than 14,000 customers use OneTrust’s technology, including half of the Global 2,000. OneTrust currently ranks #24 on the Forbes Cloud 100 list of top private cloud companies in the world and employs over 2,000 people in regions across North America, South America, Asia, Europe, and Australia.


Learn more at OneTrust.com.

CONTACT INFORMATION

Jason Sabourin

Senior Director, Third-Party Risk

jsabourin@onetrust.com


Want to learn more? Watch this video!

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Vendor Onboarding

  • Sourcing RFx

  • Inherent Risk Scoring & Vendor Classification

  • Vendor Due Diligence & Ongoing Monitoring

  • Vendor Risk Assessments

  • SLAs & Vendor Performance Management

  • Vendor Contract Management

  • Vendor Issue Management

  • On-Site Vendor Control Assessments

  • Cyber Ratings, Financial Health Scores & ESG Ratings

aravo logo, red background with white text

ProcessUnity Third-Party Risk Management protects companies and their brands by reducing risk from third parties, vendors and suppliers. TPRM expands the scope of risk management to encompass any external party that could pose a risk to an organization, including vendors, contractors, partners and suppliers.


With a single, configurable platform, ProcessUnity helps organizations manage the increasing complexity of supply chains and third-party relationships with tools to identify and assess the risks associated with each external party, monitor third-party performance and ensure external control effectiveness. Our software platform empowers you to proactively manage third-party risks and protect your organization from potential cyber threats and business disruptions.


ProcessUnity is used by the world’s leading financial service firms and commercial enterprises.  The company is headquartered outside Boston, Massachusetts. For more information, visit http://www.processunity.com.

CONTACT INFORMATION

Kate Broderick

Marketing Program Manager

ProcessUnity

kate.broderick@processunity.com

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Managed services for due diligence

  • Vendor risk assessments (onsite or remote)

  • Third-party risk management program audit/assessment

  • Third-party risk management program building

  • Dashboarding and analytics

  • Cyber resiliency

  • Advisory services

  • Regulatory guidance related to third-party relationships

  • Access to subject matter resources across risk topics

  • Specialized vendor audits

aravo logo, red background with white text

RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment. RSM US LLP is the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with 48,000 people across 120 countries. For more information, visit rsmus.com, explore our third-party risk management services, like us on Facebook, follow us on Twitter and/or connect with us on LinkedIn.

CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • In-depth financial analysis of global public and private companies

  • Global financial data and private company ratings sourced from over 150 countries. 

  • Risk Assessment, TPRM, supply chain management

  • Predictive analytics, with a 90% accuracy rate

  • Financial Reports that are easily digestible, accessible, and shareable

  • Vetting, onboarding new suppliers, and monitoring existing suppliers

  • Comprehensive Reporting Suite and predictive analytics 

  • API Integrations 

  • Configurable program/category dashboards

  • 73 ratios for a quantitative analysis on core health and financial resiliency

aravo logo, red background with white text

RapidRatings sets the standard for financial health transparency between business partners, transforming the way leading companies manage enterprise and financial risk. The company provides the most sophisticated analysis of the financial health of public and private companies from over 140 countries worldwide.  RapidRatings primary sources private company vendor financial statements directly on behalf of our customers.


Through RapidRatings’ FHR Exchange, an innovative and secure membership platform, businesses can build more meaningful relationships and gain visibility into the financial stability of global suppliers, vendors, and other third parties.


For more info, visit: Third-Party & Vendor Risk Management │RapidRatings

CONTACT INFORMATION

Eric Evans

Managing Director,  Partnerships & Alliances

evans@rapidratings.com


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Risk assessment

  • Risk Review & Scoring

  • Continous Monitoring

  • Third-Party Risk Management

  • Supply Chain Risk Management

  • Enterprise Risk Management

  • Unique Custom Risk Prioritization

  • Efficiently Streamlined Risk Management Program

  • Risk Performance Insight

  • Manage Critical Vulnerabilities

aravo logo, red background with white text

RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution delivering risk-prioritized action plans customized to match your risk priorities, providing the easiest path to understanding and acting on third-party cyber risk. With RiskRecon, you can build a scalable, third-party risk management program and realize dramatically better outcomes. Learn more about RiskRecon and request a demo at riskrecon.com.

CONTACT INFORMATION

Jonathan Ehret

VP of Strategy & Risk

jonathan.ehret@riskrecon.com

www.riskrecon.com


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES

Full-spectrum supplier risk intelligence with coverage for the following risk domains:

  • Financial Risk

  • Cyber Risk

  • SG Risk

  • Compliance Risk

  • Operations Risk

  • Nth Parties

  • Locations

Accessible as real-time and continuous full-spectrum risk monitoring for suppliers and locations, comprehensive one-time risk reports, or instant risk scans.

aravo logo, red background with white text

Supply Wisdom transforms global business with comprehensive, predictive, real-time risk intelligence. Through continuous monitoring, comprehensive intelligence reports, and real-time alerts, Supply Wisdom speeds business growth, lowers costs, increases security and compliance, and unlocks revenue opportunities. Supply Wisdom’s full-stack AI-based SaaS products turn open-source data into risk intelligence and are the market’s only software to cover all risk domains in real-time: financial, cyber, operational, ESG, compliance, Nth party, and location-based risk. Supply Wisdom clients include Fortune 100 and Global 2000 firms in the financial services, insurance, healthcare, and technology sectors, including United Healthcare, BNY Mellon, and Bank of Ireland. Supply Wisdom values diversity with a global workforce that is currently 57% female.


Contact Supply Wisdom today for a quick demo so you can see how our actionable approach can achieve great results for your company.


For more information, visit our website and follow us on LinkedIn.

CONTACT INFORMATION

Pete Curtis

Head of Marketing

Supply Wisdom

marketing@supplywisdom.com

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Third Party Risk Management and Onboarding

  • End-to-End Workflow Management

  • Configurable Risk Model / Risk Segmentation

  • Nth Party Relationship Management

  • Third Party Risk Screening & Monitoring (Sanctions, Watchlists, PEPs, Adverse Media)

  • Programmatic Due Diligence

  • Diligence Ordering

  • Escalation to Enhanced Due Diligence and Investigations

  • Additional Features for Specific Sectors:  MedTech, Energy, Manufacturing, Private Equity

  • Configurable to Client Needs

aravo logo, red background with white text

TDI is a strategic advisory and risk intelligence firm that helps multinational organizations more effectively manage commercial, regulatory, and reputational risk. We deliver a decisive information advantage to our clients through advisory services, due diligence and investigations, and our flagship product, TDI Diligence Suite, which dramatically increases efficiency and provides clients with critical insights.

TDI Diligence Suite is an enterprise, third-party onboarding and management SaaS system that is specifically designed to help you manage third-party risk. Our platform empowers businesses to unlock accuracy and efficiency with automated third-party onboarding, assessments, due diligence, approvals, and monitoring. TDIDiligence Suite also creates an auditable record of the entire process, provides valuable and easy-to-understand insight into your enterprise risk, and addresses data privacy requirements to provide a clear picture of your entire risk management process.

CONTACT INFORMATION

Tiffany King, J.D.
Senior Director
TDI
king@tdinternational.com


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • AI

  • Third Party Risk Assessments

  • Continuous Monitoring

  • Security Artifact Collection

  • TPRM Auditing

  • Third Party Data

  • Risk Management

  • Risk Alerts

  • Vendor Recommendations

  • Lifecycle Management

aravo logo, red background with white text

VISO TRUST is the Next Generation SaaS Third Party Cyber Risk Management Platform that uses human-in-the-loop AI and end-to-end automation to continuously assess the risk posed by current and prospective third party relationships with unprecedented precision, speed and scalability.


Powered by unique patented AI technology called Artifact Intelligence, VISO TRUST streamlines and simplifies TPRM workflows by engaging third parties automatically and collecting artifacts of the security program that already exist.


Artifact Intelligence supports over 25 frameworks and comprehensively determines risk across cybersecurity, privacy, resilience, AI trust, cyber insurance, and product security dimensions. The platform draws third party data from a diverse set of public and private sources and eliminates vendor chasing, and questionnaire-oriented administration, collection, and analysis. Instead, VISO TRUST collects, identifies, and classifies third party program artifacts automatically and then extracts and evaluates controls to determine their level of assurance.

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  • Onboarding, Ongoing Management, Offboarding

  • Outsourced Due Diligence

  • Risk Assessments

  • Questionnaires

  • Contract Management

  • Oversight Management & Automation

  • Cross-Domain Continuous Monitoring

  • SLA Management

  • Issue Management

  • Reports & Dashboards

aravo logo, red background with white text

Venminder offers a world-class SaaS platform that guides and streamlines third-party risk management. Today, more than 1,200 customers globally use Venminder to manage the entire end-to-end vendor lifecycle, from onboarding new vendors to ongoing management to offboarding vendors.


Venminder has mastered the art of combining technology with the human experience. This expertise empowers their platform to enable customers to manage vendors, contracts, due diligence tasks, questionnaires, risk assessments, and monitoring. Completed assessments on vendor controls can be ordered through their Vendiligence™ service to reduce due diligence review workloads and include thorough assessments of a vendor’s information security, SOC reports, contracts, financials, business continuity/disaster recovery, and more.


For continuous vendor monitoring, Venmonitor™ provides intelligence for better risk-based decisions. It brings the industry’s best risk intelligence data into one central location, allowing you to screen vendor or supplier performance across multiple risk domains, including cybersecurity, ESG, privacy, Know Your Vendor, business health and credit risk, and adverse media.

For more information, visit venminder.com or follow Venminder on LinkedIn, Twitter and Facebook.

CONTACT INFORMATION

Jim Ciortan

Chief Sales Officer

sales@venminder.com

www.venminder.com


Watch Video

TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
  1. Total Third-Party Risk Management 

  2. Fast, Efficient Vendor Assessments 

  3. Automated Questionnaire Reponse 

  4. Security Exchange for On-Demand Assessments 

  5. AI-Powered Workflows 

  6. TPRM Lifecycle: Intake, Calculate Risk, Assess, Monitor 

  7. Trust Center: Manage, Publish, and Share Security Compliance Info 

  8. Access to 40+ Questionnaires and Frameworks 

  9. SOC 2 Summarization 

  10. Salesforce and Slack Integrations

aravo logo, red background with white text

The Whistic platform gives InfoSec teams the power to run world-class third-party risk management and customer trust programs with a single, unified experience that streamlines both sides of the vendor risk assessment process. 


Enable Your Custom TPRM Program 

Easily manage all aspects of your third-party risk program and significantly reduce your company’s potential for a costly data breach. Meet your regulatory compliance and audit requirements in a simple, automated process. 


Manage and Share Your Trust Center 

Substantially reduce inbound questionnaire response requests: manage all of your security and compliance information from one place, making it fast and easy to search, publish, share, and confidently meet a customer’s assessment requirements. 


Connect with Thousands of Companies 

Access the industry’s most robust network of vendors and their customers: securely exchange security and compliance information and conduct on-demand assessments. 


Leverage Integrated AI and Automation 

Let Whisitc AI do the heavy lifting throughout your TPRM processes: summarize, organize, and analyze data, generate content, and automate manual tasks so you can focus on other things. 


Learn more at www.whistic.com.

CONTACT INFORMATION

Josh Mordecai

Growth Specialist

jmordecai@whistic.com

bottom of page