Prevalent: Prevalent Pharmaceutical Customers

Prevalent Customer Testimonial

Prevalent Provides Visibility into Third-Party Risks

Prevalent gave us the ability to understand the cybersecurity dangers to our company data, employees, and patients.

— IT Systems Analyst, Global 500 Pharmaceuticals Company

Prevalent Customer Testimonial

Prevalent Delivers Automation for Third-Party Risk Management

We now have a way to automate our assessments. We can now create detailed reports on each vendor and track our remediation efforts much more easily and in one place. The automated system saves us lots of time with communications and completed assessment reminders.

— Security Manager, Large Enterprise Pharmaceuticals Company

Prevalent Customer Testimonial

Prevalent Delivers an Easy-to-Use Solution for Simplifying Vendor Risk Management

Very positive impact. Speeded up assessments. Nice for the eye. Good reporting and nice dashboards.

— Security Officer, S&P 500 Pharmaceuticals Company

Prevalent Case Study

Global 500 Pharmaceuticals Company

Introduction

This case study of a Global 500 pharmaceuticals company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Prevalent gave us the ability to understand the cybersecurity dangers to our company data, employees, and patients.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

Top drivers for purchasing their Prevalent third-party risk management solution:
- Compliance – reporting against specific regulatory or industry framework requirements
- Stronger cybersecurity, to ensure that third parties do not introduce cyber risks that could negatively impact the business
- Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
- Greater risk-based intelligence
Challenges that deploying Prevalent solved for their organization:
- A lack of guidance in addressing industry standards or third-party regulatory compliance requirements for cyber risk, InfoSec, or data privacy
- An inability to share completed assessment content and supporting evidence to more quickly identify risks and vulnerabilities
- An inconsistent methodology for vendor risk management
Vendors evaluated before choosing Prevalent:
- OneTrust
- ServiceNow

Use Case

Looking to grow the number of vendors they assess in the next 12 months by 11-25%.

Results

The surveyed company achieved the following results with Prevalent:

The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
- Breadth of available surveys: differentiated
- Assessment scheduling and automated chasing reminders: very differentiated
- Automated risk and compliance register: very differentiated
- Centralized document/evidence management: very differentiated
- Create tasks, flags, and risks based on results of assessment responses in risk register: differentiated
- Identify key controls and apply reporting to the most critical relevant risks: very highly differentiated
- In-solution communication with suppliers on remediating risks: very differentiated
- Identify and visualize relationships between entities to demonstrate dependencies and flows of information: differentiated
- User dashboard of tasks, schedules, risk activities, survey completion status, agreements, and documents: differentiated
How long it took to complete an assessment:
- Before deploying Prevalent: more than a month
- After deploying Prevalent: 1-2 weeks
Saved more than 1 week per assessment on average by utilizing the Prevalent Platform.

Prevalent Case Study

Large Enterprise Pharmaceuticals Company

Introduction

This case study of a large enterprise pharmaceuticals company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“We now have a way to automate our assessments. We can now create detailed reports on each vendor and track our remediation efforts much more easily and in one place. The automated system saves us a lot of time with communications and completed assessment reminders.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

Top drivers for purchasing their Prevalent third-party risk management solution:
- Compliance – reporting against specific regulatory or industry framework requirements
- Stronger cybersecurity, to ensure that third parties do not introduce cyber risks that could negatively impact the business
- Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
- Greater risk-based intelligence
Challenges that deploying Prevalent solved for their organization:
- A lack of automation in collecting and analyzing vendor surveys
- A limited ability to continuously monitor vendors
- A lack of insights to make risk-based decisions
- A lack of guidance in addressing industry standards or third-party regulatory compliance requirements for cyber risk, InfoSec, or data privacy
- An inability to share completed assessment content and supporting evidence to more quickly identify risks and vulnerabilities
Vendors evaluated before choosing Prevalent:
- ServiceNow
- ThirdPartyTrust

Use Case

Regulations or industry frameworks they must regularly report against:
- HIPAA
- NIST 800-53
- PCI
Looking to grow the number of vendors they assess in the next 12 months by more than 25%+.

Results

The surveyed company achieved the following results with Prevalent:

The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
- Breadth of available surveys: very highly differentiated
- Assessment scheduling and automated chasing reminders: differentiated
- Automated risk and compliance register: very highly differentiated
- Centralized document/evidence management: differentiated
- Create tasks, flags, and risks based on results of assessment responses in risk register: very differentiated
- Identify key controls and apply reporting to the most critical relevant risks: very differentiated
- In-solution communication with suppliers on remediating risks: very highly differentiated
- Scan third-party networks and apply business intelligence to provide and “outside-in” weighted score of risks: differentiated
- Map results to regulatory and industry frameworks like ISO, NIST, GDPR, CoBiT 5, SSAE 18, SIG, SIG Lite, NYDFS for reporting purposes: very differentiated
- Identify and visualize relationships between entities to demonstrate dependencies and flows of information: very differentiated
- User dashboard of tasks, schedules, risk activities, survey completion status, agreements, and documents: very highly differentiated
How long it took to complete an assessment:
- Before deploying Prevalent: more than a month
- After deploying Prevalent: 2-3 weeks
Saved more than 1 week per assessment on average by utilizing the Prevalent Platform.

Prevalent Case Study

S&P 500 Pharmaceuticals Company

Introduction

This case study of an S&P 500 pharmaceuticals company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Very positive impact. Speeded up assessments. Nice for the eye. Good reporting and nice dashboards.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

Top drivers for purchasing their Prevalent third-party risk management solution:
- Stronger cybersecurity, to ensure that third parties do not introduce cyber risks that could negatively impact the business
- Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
Challenges that deploying Prevalent solved for their organization:
- A lack of automation in collecting and analyzing vendor surveys
- An inability to share completed assessment content and supporting evidence to more quickly identify risks and vulnerabilities
- Having no centralization of TPRM functions
- An inconsistent methodology for vendor risk management

Use Case

Regulations or industry frameworks they must regularly report against:
- GDPR
- HIPAA
- ISO 27001
- NIST 800-53
Looking to grow the number of vendors they assess in the next 12 months by 0-10%.

Results

The surveyed company achieved the following results with Prevalent:

The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
- Breadth of available surveys: very highly differentiated
- Assessment scheduling and automated chasing reminders: very differentiated
- Create tasks, flags, and risks based on results of assessment responses in risk register: very highly differentiated
- In-solution communication with suppliers on remediating risks: very differentiated
- Scan third-party networks and apply business intelligence to provide and “outside-in” weighted score of risks: very highly differentiated
- User dashboard of tasks, schedules, risk activities, survey completion status, agreements, and documents: very highly differentiated
How long it took to complete an assessment:
- Before deploying Prevalent: 3-4 weeks
- After deploying Prevalent: 1-2 weeks
Saved about 1 week per assessment on average by utilizing the Prevalent Platform.

Prevalent Customer Testimonial

Prevalent Simplifies Audits

Our assessment process is now managed all within Prevalent. This makes the data available very easily for the business owners when asked. We also have all the pieces of the assessment within the product for audit purposes. Having the documentation time-stamped makes evidence available for auditors.

— IT Systems Analyst, Global 500 Pharmaceuticals Company

Prevalent Customer Testimonial

We built our Supplier Security Assessment Process around the Prevalent tool. We worked the tool to effectively manage what we chose our Program to be. The tool holds all information for each supplier assessment and will be the main point of evidence when/if the assessment process is audited internally or externally.

— IT Specialist, Global 500 Pharmaceuticals Company

Prevalent Customer Satisfaction Rating

An IT Specialist at a Global 500 pharmaceuticals company would be very likely to recommend Prevalent for this reason:

Prevalent Customer Testimonial

Prevalent has enhanced our process and reduced turnaround times immensely.

— Security Manager, S&P 500 Pharmaceuticals Company

Prevalent Case Study

S&P 500 Pharmaceuticals Company

Introduction

This case study of a S&P 500 pharmaceuticals company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“It has enhanced it and reduced turnaround times immensly.”

Challenges

Their primary vendor risk assessment pain points were:
- Too much time spent manually onboarding new vendors
- Complex, manual assessment processes (e.g., using spreadsheets)

Use Case

Currently assessing their vendors for the following:
- Cybersecurity

Results

Level of agreement:
- Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: strongly agree
- Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need: agree
Prevalent is critical on the following vendor lifecycle stages:
- Intake and vendor onboarding: essential
  **Scoring inherent risks: very Important
- Assessing vendors and remediating risks: critical
Strongly agree with the following:
- Prevalent allows us to do our job more effectively
- Prevalent’s vendor risk assessment process is invaluable to our group
- Prevalent reduced the time and complexity required to perform vendor risk assessments
We have realized major cost savings with Prevalent’s vendor risk management process.: agree

Prevalent Pharmaceutical Customers

Read how Prevalent's customers in the pharmaceutical industry are benefiting from our third-party risk management platform.

Prevalent Provides Visibility into Third-Party Risks

Prevalent Delivers Automation for Third-Party Risk Management

Prevalent Delivers an Easy-to-Use Solution for Simplifying Vendor Risk Management

Global 500 Pharmaceuticals Company

Introduction

Challenges

Use Case

Results

Company Profile

About Prevalent

Large Enterprise Pharmaceuticals Company

Introduction

Challenges

Use Case

Results

Company Profile

About Prevalent

S&P 500 Pharmaceuticals Company

Introduction

Challenges

Use Case

Results

Company Profile

About Prevalent

Prevalent Simplifies Audits

S&P 500 Pharmaceuticals Company

Introduction

Challenges

Use Case

Results

Company Profile

About Prevalent