TPRM Service Provider Profiles
What are TPRM Service Provider Profiles?
TPRM Service Provider Profiles are specific to TPRA Vendor Members and provide organizations with descriptive and concise snapshots of individual service provider capabilities and information. These profiles assist with understanding and evaluating service provider capabilities to make product/service decisions and aid in fostering communication and connection between organizations.
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Onboarding and Transactional Enablement
Enhanced Due Diligence
Intake & Scope
Engagement-level Risk Assessment
Risk Management Lifecycle
Termination & Off-boarding
Continuous Monitoring & Management
Contract Management
Supplier Performance Management
Issue Management and Remediation
Aravo strives to make the enterprise more responsible, sustainable and ultimately more profitable. Our customers work with us to mitigate risk across their extended enterprise leveraging Aravo’s industry leading TPRM platform, portfolio of 30+ risk applications, and best practice frameworks. Enterprise teams responsible for ensuring suppliers, vendors, partners, and other third parties meet risk and regulatory requirements have Aravo as a trusted technology and business partner who understands their needs for risk visibility, management and mitigation.
Aravo’s solutions incorporate over 22 years of working experience with global brands, over 10 verticals to deliver program expertise, unified visibility and operational agility for our customers’ TPRM initiatives. Our team works to help manage risk and promote integrity for our customers so they can:
Avoid financial and brand liability
Focus on growing revenue
Save money through process and resource efficiencies
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Cyber Risk Intelligence
Third Party/Supply Chain Risk Management
Continuous Monitoring
Financial Risk Quantification
Ransomware Risk Assessment
Automated Compliance Mapping
Vendor Risk Mitigation (with Prioritization)
Vulnerability Assessment
Threat Intelligence
Standards-Based Methodology
Black Kite gives companies a comprehensive, real-time view into cyber ecosystem risk so they can make informed risk decisions and improve business resilience while continuously monitoring more vendors, partners and suppliers in an ever changing digital landscape.
Through an automated process, and a combination of threat, business and risk information, Black Kite provides cyber risk intelligence that goes beyond a simple risk score or rating. Black Kite serves more than 1,000 customers in a wide range of industries and has received numerous industry awards and recognition from customers.
Learn more at www.blackkite.com or on the Black Kite blog.
CONTACT INFORMATION
Johnathan Bald
VP of of Sales, North America
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Vendor risk assessment exchange
Tech-enabled managed services
Rapid validated assessments
Dashboard & BI reporting
Full vendor portfolio coverage
Workflow automation
Remediation services
Product and environment-specific assessments
Integration with leading VRM technology providers
Healthcare vendor risk management
CORL is a leading provider of tech-enabled managed services for vendor risk management and compliance for healthcare organizations. CORL gets results by scaling organizational and vendor risk management programs through our healthcare vendor clearinghouse, dashboard reporting that business owners can understand, and proven workflows that drive the organization to measurable risk reduction.
We have assessed over 80,000 healthcare vendors and validated their security posture. Our vendor risk clearinghouse platform allows the rapid sharing and reuse of assessment results across healthcare organizations. Our tech-enabled managed service completes your vendor risk assessments, validates assessment responses, and follows through with vendors until they remediate known critical gaps.
CORL’s unique combination of data, automation, workflow, process, and technology expedites the vendor risk assessment process and delivers what the business needs most: Speed.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Third Party & Supply Chain Risk Management and Monitoring, with risk coverage across:
Cyber
Environmental, Social, Governance (ESG)
Reputational, Criminal, Regulatory
Modern Slavery
Operational Risk
Foreign Ownership, Control and Influence
Financial Health
Sanctions/Watchlist Screening
Corporate Ownership Unwrapping
Automated Due Diligence and Monitoring
Full Spectrum Due Diligence
Supply Chain Illumination & Risk Assessment
Risk Management Advisory
Exiger is revolutionizing the way corporations, government agencies and banks manage risk through its combination of technology-enabled and SaaS solutions. In recognition of the growing volume and complexity of data and regulation, Exiger is committed to creating a more sustainable risk and compliance environment through its holistic and innovative approach to problem solving. Exiger’s mission to make the world a safer place to do business drives its award-winning AI technology platform built to anticipate the market’s most pressing needs related to evolving ESG, cyber, regulatory/sanctions, third-party and supply chain risk.
Exiger is the leading global SaaS risk management company delivering machine learning and data analytics capabilities to solve end-to-end third party, supply chain, and market intelligence challenges. Exiger’s innovative solution provides automated third party criticality assessments, due diligence, workflow tasks and entity specific risk events that aggregate into a portfolio risk exposure for a full risk view of an entity.
Exiger has been consistently recognized as a leader in the TPRM, SCRM and Risk Management Software markets, winning over 30 AI, RegTech and Supply Chain partner awards. Learn more at Exiger.com and Follow Exiger on LinkedIn.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Cybersecurity Self-Assessment
Third Party Risk Management
Insurance Underwriting
Summary reports for C-Suite and board level visibility
Score improvement scenarios
Benchmark security performance of third-party relationships
Custom dashboard monitoring critical data driving your cyber risk score
Unlimited access to vendor scores
Historical security data trends
Patented Supervised Machine Learning model trained to identify and use signal sources with high predictive value
The ISS Cyber Risk Score provides an empirical, proactive indicator of cyber security risk that allows organizations to better understand their own cyber resilience as well as the security posture of their vendors. Advanced machine learning based analytics, distill raw cyber intelligence into a concise actionable metric for vendor management. ISS Cyber Risk Score for Enterprise allows organizations to view their cyber risk management programs through a single lens that presents their own information as well as information regarding their vendors.
CONTACT INFORMATION
Kimberly Manibusan
Head of Cyber Strategy
Kimberly.Manibusan@isscorporatesolutions.com
https://www.isscorporatesolutions.com/solutions/security-suite/
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Enterprise risk management
Third-party vendor management
Regulatory compliance management and change management
Lending compliance, including fair lending analytics
Automated findings management
Business continuity planning & testing
Audit & compliance reviews management
Virtual employee engagement
Risk performance management
Vendor cybersecurity monitoring
Ncontracts’ powerful suite combines risk, compliance, vendor, and findings management solutions to drive efficiency and build a risk management culture resulting in smarter, faster decisions.
Ncontracts provides solutions to a rapidly expanding customer base of over 4,000 financial institutions in the United States. We help financial institutions achieve their compliance and risk management goals with a powerful combination of user-friendly cloud-based software and expert services. The company was named to the Inc. 5000 fastest-growing private companies in America for the fourth consecutive year. For more information, visit www.ncontracts.com or follow the company on LinkedIn and Twitter.
CONTACT INFORMATION
Rashida Holmes
SVP, Partnerships & Outreach
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Risk Assessments and Mitigation
Vendor Evaluation and Automated Onboarding
Risk Analytics and Control Gaps Report on Thousands of Vendors
Ongoing Monitoring and Risk Alerts
Auto Inherent Risk Insights to Prioritize Vendors
Built-in Cyber Risk & ESG Ratings
Vendor Scorecards and Comparison
Audit-Ready Reporting and Dashboards
Automated Workflows to Increase Collaboration
As society redefines risk and opportunity, OneTrust empowers tomorrow’s leaders to succeed through trust and impact with the Trust Intelligence Platform. The market-defining Trust Intelligence Platform from OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture by unlocking their value and potential to thrive by doing what’s good for people and the planet.
Learn more at OneTrust.com.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Vendor Onboarding
Sourcing RFx
Inherent Risk Scoring & Vendor Classification
Vendor Due Diligence & Ongoing Monitoring
Vendor Risk Assessments
SLAs & Vendor Performance Management
Vendor Contract Management
Vendor Issue Management
On-Site Vendor Control Assessments
Cyber Ratings, Financial Health Scores & ESG Ratings
ProcessUnity Vendor Risk Management protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Through automation and standardization, ProcessUnity customers reduce busy work, streamline regulatory reporting and improve overall visibility into vendor performance.
ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. The company is headquartered outside Boston, Massachusetts. For more information, visit http://www.processunity.com.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Managed services for due diligence
Vendor risk assessments (onsite or remote)
Third-party risk management program audit/assessment
Third-party risk management program building
Dashboarding and analytics
Cyber resiliency
Advisory services
Regulatory guidance related to third-party relationships
Access to subject matter resources across risk topics
Specialized vendor audits
RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment. RSM US LLP is the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with 48,000 people across 120 countries. For more information, visit rsmus.com, explore our third-party risk management services, like us on Facebook, follow us on Twitter and/or connect with us on LinkedIn.
CONTACT INFORMATION
Amy Feldman
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
In-depth financial analysis of global public and private companies
Global financial data and private company ratings sourced from over 150 countries.
Risk Assessment, TPRM, supply chain management
Predictive analytics, with a 90% accuracy rate
Financial Reports that are easily digestible, accessible, and shareable
Vetting, onboarding new suppliers, and monitoring existing suppliers
Comprehensive Reporting Suite and predictive analytics
API Integrations
Configurable program/category dashboards
73 ratios for a quantitative analysis on core health and financial resiliency
RapidRatings sets the standard for financial health transparency between business partners, transforming the way leading companies manage enterprise and financial risk. The company provides the most sophisticated analysis of the financial health of public and private companies from over 140 countries worldwide. RapidRatings primary sources private company vendor financial statements directly on behalf of our customers.
Through RapidRatings’ FHR Exchange, an innovative and secure membership platform, businesses can build more meaningful relationships and gain visibility into the financial stability of global suppliers, vendors, and other third parties.
For more info, visit: Third-Party & Vendor Risk Management │RapidRatings
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Risk assessment
Risk Review & Scoring
Continous Monitoring
Third-Party Risk Management
Supply Chain Risk Management
Enterprise Risk Management
Unique Custom Risk Prioritization
Efficiently Streamlined Risk Management Program
Risk Performance Insight
Manage Critical Vulnerabilities

RiskRecon, a Mastercard company, is the only continuous vendor monitoring solution delivering risk-prioritized action plans customized to match your risk priorities, providing the easiest path to understanding and acting on third-party cyber risk. With RiskRecon, you can build a scalable, third-party risk management program and realize dramatically better outcomes. Learn more about RiskRecon and request a demo at riskrecon.com.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
TPRM Outsourced/Co-sourced Assessor Services
TPRM Ad-Hoc Review Services
TPRM Program Maturity Assessment
TPRM Program Implementation, Development, and Support
TPRM Officer-as-a-Service
Compliance Assessment and Consulting Services
Cybersecurity Services
Analytics, Automation, and Digital Transformation Consulting Services
Internal Audit Outsourced/Co-sourced Services
ESG Assessment and Consulting Services
Understanding how to identify and manage the risks presented by third party providers is vital for any business. Schneider Downs' Third Party Risk Management (TPRM) team has the expertise, credentials and tools to help build, implement, recalibrate, and manage a world-class TPRM program.
Our extensive Risk Advisory Team of 120+ professionals work across all industries, with organizations of all sizes, in building and executing their TPRM program, from Global Systemically Important Banks (G-SIBs) to 10-person startups.
TPRM tools and solutions have been a welcome advancement to the industry. However, our people provide the macro perspective and experience to right-size tools and solutions to the unique needs and risk tolerances of each institution.
Our teams provide qualified and certified human resources to perform accurate and efficient due diligence of third parties and enable business leaders to make sound business decisions.
CONTACT INFORMATION
William M. Deller CISA, CTPRP, CTPRA, CCSFP
Senior Manager – IT Risk Advisory
Learn more here:
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Full-spectrum supplier risk intelligence with coverage for the following risk domains:
Financial Risk
Cyber Risk
SG Risk
Compliance Risk
Operations Risk
Nth Parties
Locations
Accessible as real-time and continuous full-spectrum risk monitoring for suppliers and locations, comprehensive one-time risk reports, or instant risk scans.
Supply Wisdom is how companies can finally stay ahead of supply chain disruptions. With today’s dynamic risk landscape, companies face endless unknowns in their supply chains and limited resources to act on them. From natural disasters and compliance issues to bankruptcies and cyber vulnerabilities, companies lacked a clear picture of all risks and the resources necessary for effective action.
Now Supply Wisdom’s always-on monitoring solution provides the most comprehensive real-time risk intelligence and triggers automated risk actions, so companies always have a clear picture of all risks and an efficient solution for swift mitigation. Now it’s all clear.
For more information, visit our website and follow us on LinkedIn.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Third Party Risk Management and Onboarding
End-to-End Workflow Management
Configurable Risk Model / Risk Segmentation
Nth Party Relationship Management
Third Party Risk Screening & Monitoring (Sanctions, Watchlists, PEPs, Adverse Media)
Programmatic Due Diligence
Diligence Ordering
Escalation to Enhanced Due Diligence and Investigations
Additional Features for Specific Sectors: MedTech, Energy, Manufacturing, Private Equity
Configurable to Client Needs
TDI is a strategic advisory and risk intelligence firm that helps multinational organizations more effectively manage commercial, regulatory, and reputational risk. We deliver a decisive information advantage to our clients through advisory services, due diligence and investigations, and our flagship product, TDI Diligence Suite, which dramatically increases efficiency and provides clients with critical insights.
TDI Diligence Suite is an enterprise, third-party onboarding and management SaaS system that is specifically designed to help you manage third-party risk. Our platform empowers businesses to unlock accuracy and efficiency with automated third-party onboarding, assessments, due diligence, approvals, and monitoring. TDIDiligence Suite also creates an auditable record of the entire process, provides valuable and easy-to-understand insight into your enterprise risk, and addresses data privacy requirements to provide a clear picture of your entire risk management process.
CONTACT INFORMATION
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Vendor management assessments
Policy and procedure development
Resource planning and staffing support
Change management support
Control testing & continuous process improvement
Value creation through cost reduction, performance improvement and risk mitigation initiatives
Technology planning and requirements development
Software RFP management
Software transition planning, implementation support and metrics/report development
Data governance and enrichment
Vendor Centric is a full-service vendor management consultancy that specializes in the three operational pillars of vendor lifecycle management:
Vendor Centric provides the framework and a full suite of vendor management consulting and technology services, that help organizations turn their vendor management vision into measurable value.
Want to learn more – here are a few short videos
Would it be worth 15-minutes to discuss ways Vendor Centric can help your company save money and reduce risk with vendors who might negatively impact your operations? Book a Meeting
CONTACT INFORMATION
Paul Schrantz
Director, Business Development & Alliances
240-813-1161
TOP 10 PRODUCT FUNCTIONALITY CATEGORIES
Onboarding, Ongoing Management, Offboarding
Outsourced Due Diligence
Risk Assessments
Questionnaires
Contract Management
Oversight Management & Automation
Cross-Domain Continuous Monitoring
SLA Management
Issue Management
Reports & Dashboards
Venminder offers a world-class SaaS platform that guides and streamlines third-party risk management. Today, more than 1,200 customers globally use Venminder to manage the entire end-to-end vendor lifecycle, from onboarding new vendors to ongoing management to offboarding vendors.
Venminder has mastered the art of combining technology with the human experience. This expertise empowers their platform to enable customers to manage vendors, contracts, due diligence tasks, questionnaires, risk assessments, and monitoring. Completed assessments on vendor controls can be ordered through their Vendiligence™ service to reduce due diligence review workloads and include thorough assessments of a vendor’s information security, SOC reports, contracts, financials, business continuity/disaster recovery, and more.
For continuous vendor monitoring, Venmonitor™ provides intelligence for better risk-based decisions. It brings the industry’s best risk intelligence data into one central location, allowing you to screen vendor or supplier performance across multiple risk domains, including cybersecurity, ESG, privacy, Know Your Vendor, business health and credit risk, and adverse media.
For more information, visit venminder.com or follow Venminder on LinkedIn, Twitter and Facebook.