Prevalent Professional Services Customers

Introduction

This case study of a large enterprise professional services company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Top driver for purchasing their Prevalent third-party risk management solution:
  • Compliance – reporting against specific regulatory or industry framework requirements
• Challenge that deploying Prevalent solved for their organization:
  • A limited ability to continuously monitor vendors

Use Case

• Regulation or industry framework they must regularly report against:
  • ISO 27001
• Looking to grow the number of vendors they assess in the next 12 months by 11-25%.

Results

The surveyed company achieved the following results with Prevalent:

• The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Assessment scheduling and automated chasing reminders: differentiated
  • Automated risk and compliance register: differentiated
  • Centralized document/evidence management: differentiated
  • Create tasks, flags, and risks based on results of assessment responses in risk register: differentiated
  • Identify key controls and apply reporting to the most critical relevant risks: differentiated
  • In-solution communication with suppliers on remediating risks: differentiated
  • Scan third-party networks and apply business intelligence to provide and “outside-in” weighted score of risks: differentiated
  • Map results to regulatory and industry frameworks like ISO, NIST, GDPR, CoBiT 5, SSAE 18, SIG, SIG Lite, NYDFS for reporting purposes: differentiated
  • Identify and visualize relationships between entities to demonstrate dependencies and flows of information: differentiated
  • User dashboard of tasks, schedules, risk activities, survey completion status, agreements, and documents: differentiated
• How long it took to complete an assessment:
  • Before deploying Prevalent: more than a month
  • After deploying Prevalent: 2-3 weeks
• Saved several days per assessment on average by utilizing the Prevalent Platform.

Introduction

This case study of a large enterprise professional services company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Top drivers for purchasing their Prevalent third-party risk management solution:
  • Compliance – reporting against specific regulatory or industry framework requirements
  • Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
• Challenges that deploying Prevalent solved for their organization:
  • A limited ability to continuously monitor vendors
  • An inability to share completed assessment content and supporting evidence to more quickly identify risks and vulnerabilities
• Vendors evaluated before choosing Prevalent:
  • Dell RSA Archer

Use Case

• Regulations or industry frameworks they must regularly report against:
  • ISO 27001

Results

The surveyed company achieved the following results with Prevalent:

• The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Create tasks, flags, and risks based on results of assessment responses in risk register: differentiated
  • Identify key controls and apply reporting to the most critical relevant risks: differentiated
  • Scan third-party networks and apply business intelligence to provide and “outside-in” weighted score of risks: differentiated

Introduction

This case study of a medium enterprise professional services company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Top drivers for purchasing their Prevalent third-party risk management solution:
  • Stronger cybersecurity, to ensure that third parties do not introduce cyber risks that could negatively impact the business
  • Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
  • Greater risk-based intelligence
• Challenges that deploying Prevalent or 3GRC solved for their organization:
  • A lack of automation in collecting and analyzing vendor surveys
  • A limited ability to continuously monitor vendors
  • A lack of insights to make risk-based decisions
  • An inability to share completed assessment content and supporting evidence to more quickly identify risks and vulnerabilities
  • An inconsistent methodology for vendor risk management

Use Case

• Regulations or industry frameworks they must regularly report against:
  • GDPR
  • HIPAA
  • ISO 27001
• Looking to grow the number of vendors they assess in the next 12 months by 0-10%.

Results

The surveyed company achieved the following results with Prevalent:

• Saved more than 1 week per assessment on average by utilizing the Prevalent Platform.

Introduction

This case study of a medium enterprise professional services company is based on an October 2019 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Top drivers for purchasing their Prevalent third-party risk management solution:
  • Compliance – reporting against specific regulatory or industry framework requirements
  • Stronger cybersecurity, to ensure that third parties do not introduce cyber risks that could negatively impact the business
  • Reduce operational burden (the process of assessing and evaluating vendors took too much time and resources)
  • Greater risk-based intelligence
• Challenges that deploying Prevalent solved for their organization:
  • A limited ability to continuously monitor vendors
  • A lack of guidance in addressing industry standards or third-party regulatory compliance requirements for cyber risk, InfoSec, or data privacy
  • Having no centralization of TPRM functions

Use Case

The key features and functionalities of Prevalent that the surveyed company uses:

• Regulations or industry frameworks they must regularly report against:
  • GDPR
  • ISO 27001
• Looking to grow the number of vendors they assess in the next 12 months by 11-25%.

Results

The surveyed company achieved the following results with Prevalent:

• The following Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Assessment scheduling and automated chasing reminders: differentiated
  • Automated risk and compliance register: differentiated
  • Centralized document/evidence management: very differentiated
  • Create tasks, flags, and risks based on results of assessment responses in risk register: very differentiated
  • Identify key controls and apply reporting to the most critical relevant risks: differentiated
  • In-solution communication with suppliers on remediating risks: very differentiated
  • Scan third-party networks and apply business intelligence to provide and “outside-in” weighted score of risks: very differentiated
  • Map results to regulatory and industry frameworks like ISO, NIST, GDPR, CoBiT 5, SSAE 18, SIG, SIG Lite, NYDFS for reporting purposes: very differentiated
  • Identify and visualize relationships between entities to demonstrate dependencies and flows of information: very differentiated
  • User dashboard of tasks, schedules, risk activities, survey completion status, agreements, and documents: very differentiated
• How long it took to complete an assessment:
  • Before deploying Prevalent: 2-3 weeks
  • After deploying Prevalent: 1-2 weeks
• Saved about 1 week per assessment on average by utilizing the Prevalent Platform.

Introduction

This case study of a large enterprise professional services company is based on a June 2020 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Prior to using Prevalent: 11-20 days per assessment
• Reasons they were not able to complete more assessments prior to utilizing Prevalent:
  • A lack of staffing

Use Case

The key features and functionalities of Prevalent that the surveyed company uses:

• Prior to utilizing Prevalent, they were able to complete 1-10 assessments per year.
• Able to complete 21-50 assessments per year since they began utilizing Prevalent for managed collection and analysis services.

Results

The surveyed company achieved the following results with Prevalent:

• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Since using Prevalent: 6-10 days per assessment
• Now that they are utilizing Prevalent:
  • Confirmed that with the same resources, they are now able to spend time mitigating risks as opposed to validating information. They are focused on the right things
• Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Vendor Onboarding: differentiated
  • Vendor Assessment & Evidence Collection: very differentiated
  • Vendor Evidence Review & Analysis: very differentiated
  • Vendor Remediation & Recommendations: very differentiated
  • Program & Actionable Reporting: highly differentiated
• They are looking to grow the number of vendors they assess in the next year by 1-10%.

Introduction

This case study of a medium enterprise legal company is based on a June 2020 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Time on average devoted to sending assessments, finding and interacting with contacts, and verifying that questions were adequately answered:
  • Prior to using Prevalent: more than 8 hours per vendor
• Reasons they were not able to complete more assessments prior to utilizing Prevalent:
  • A lack of staffing
• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Prior to using Prevalent: More than 20 days per assessment

Use Case

The key features and functionalities of Prevalent that the surveyed company uses:

• Vendors evaluated before ultimately choosing Prevalent:
  • CyberGRX

Results

The surveyed company achieved the following results with Prevalent:

• Time on average devoted to sending assessments, finding and interacting with contacts, and verifying that questions were adequately answered:
  • Since using Prevalent: 4-5 hours per vendor
• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Since using Prevalent: 6-10 days per assessment
• Able to complete 11-20 assessments per year since they began utilizing Prevalent for managed collection and analysis services.
• Now that they are utilizing Prevalent:
  • They require fewer resources dedicated to collecting and analyzing questionnaires and vendor-submitted evidence
  • Confirmed that with the same resources, they are now able to spend time mitigating risks as opposed to validating information. They are focused on the right things
• Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Vendor Onboarding: highly differentiated
  • Vendor Assessment & Evidence Collection: highly differentiated
  • Vendor Evidence Review & Analysis: highly differentiated
  • Vendor Remediation & Recommendations: differentiated
  • Program & Actionable Reporting: differentiated
• They are looking to grow the number of vendors they assess in the next year by We are not planning to grow the number of vendors we are assessing in the next year.

Introduction

This case study of a large enterprise professional services company is based on a June 2020 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Prevalent:

• Time on average devoted to sending assessments, finding and interacting with contacts, and verifying that questions were adequately answered:
  • Prior to using Prevalent: 4-5 hours per vendor
• Reasons they were not able to complete more assessments prior to utilizing Prevalent:
  • A lack of staffing
  • Not enough time
• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Prior to using Prevalent: More than 20 days per assessment

Use Case

The key features and functionalities of Prevalent that the surveyed company uses:

• Prior to utilizing Prevalent, they were able to complete 21-50 assessments per year.
• Able to complete 50 or more assessments per year since they began utilizing Prevalent for managed collection and analysis services.

Results

The surveyed company achieved the following results with Prevalent:

• Time on average devoted to sending assessments, finding and interacting with contacts, and verifying that questions were adequately answered:
  • Since using Prevalent: 1 hour or less per vendor
• Turnaround time from assessment submission to receiving an adequately completed assessment:
  • Since using Prevalent: 11-20 days per assessment
• Now that they are utilizing Prevalent:
  • Confirmed that with the same resources, they are now able to spend time mitigating risks as opposed to validating information. They are focused on the right things
• Prevalent capabilities in terms of how differentiated they are compared to the competition:
  • Vendor Onboarding: very differentiated
  • Vendor Assessment & Evidence Collection: differentiated
  • Program & Actionable Reporting: differentiated
• They are looking to grow the number of vendors they assess in the next year by 11-25%.

Introduction

This case study of a large enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
• Complex, manual assessment processes (e.g., using spreadsheets)

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 1 week+
• Since Prevalent: 1 day+

Use Case

Currently assessing their vendors for the following:

• Cybersecurity
• Data Privacy

Results

Prevalent’s level of importance on the following vendor lifecycle stages:

• Important for intake and vendor onboarding
• Important for scoring inherent risks: very Important
• Very important for assessing vendors and remediating risks
• Important in offboarding and termination of vendors

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks

Introduction

This case study of a large enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Complex, manual assessment processes (e.g., using spreadsheets)

Use Case

Currently assessing their vendors for the following:

• Cybersecurity

Results

Prevalent is critical on the following vendor lifecycle stages:

• Sourcing and selection of vendors
• Intake and vendor onboarding
• Scoring inherent risks
• Assessing vendors and remediating risks
• Continuously monitoring for vendor cybersecurity, reputational and financial risks
• Managing ongoing vendor performance and SLAs
• Offboarding and termination of vendors

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides a programmatic process to offboard vendors that reduces risk

Introduction

This case study of a small business professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
• Too much time spent manually onboarding new vendors

Estimated time spent on vendor sourcing and selection:

• Before Prevalent: 1 week+
• Since Prevalent: 2-4 hours

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 1 week+
• Since Prevalent: 1 day+

Use Case

Currently assessing their vendors for the following:

• Cybersecurity
• Data Privacy
• Financial & Credit

Results

Prevalent’s level of importance on the following vendor lifecycle stages:

• Critical for sourcing and selection of vendors
• Essential for intake and vendor onboarding
• Important for scoring inherent risks
• Important for assessing vendors and remediating risks
• Critical for continuously monitoring for vendor cybersecurity, reputational and financial risks

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments
• They have realized major cost savings with Prevalent’s vendor risk management process
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks

Introduction

This case study of a large enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
• Too much time sending reminders/getting responses to risk assessments

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 4+ hours
• Since Prevalent: 2-4 hours

Use Case

Currently assessing their vendors for the following:

• Business Resilience
• Cybersecurity
• Data Privacy
• Financial & Credit
• Reputation

Results

Prevalent’s level of importance on the following vendor lifecycle stages:

• Very important for sourcing and selection of vendors
• Critical for intake and vendor onboarding
• Essential for scoring inherent risks
• Essential for assessing vendors and remediating risks
• Critical for continuously monitoring for vendor cybersecurity, reputational and financial risks

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments
• They have realized major cost savings with Prevalent’s vendor risk management process.
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need

Introduction

This case study of a medium enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
• Lack of visibility into the baseline risks with a new vendor
• Complex, manual assessment processes (e.g., using spreadsheets)
• No real-time insight into vendor cyber, reputational, and/or financial risks

Estimated time spent on vendor sourcing and selection:

• Before Prevalent: 1 day+
• Since Prevalent: 2-4 hours

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 1 week+
• Since Prevalent: 1 day+

Use Case

Currently assessing their vendors for the following:

• Business Resilience
• Cybersecurity
• Data Privacy
• Reputation

Results

Prevalent’s level of importance on the following vendor lifecycle stages:

• Very important for sourcing and selection of vendors
• Essential for scoring inherent risks
• Critical for assessing vendors and remediating risks
• Essential for continuously monitoring for vendor cybersecurity, reputational and financial risks
• Very important for managing ongoing vendor performance and SLAs
• Important for offboarding and termination of vendors

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments
• They have realized major cost savings with Prevalent’s vendor risk management process
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides a programmatic process to offboard vendors that reduces risk

Introduction

This case study of a medium enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent manually onboarding new vendors

Estimated time spent on vendor sourcing and selection:

• Before Prevalent: 1 week+
• Since Prevalent: 1 day+

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 1 week+
• Since Prevalent: 1 day+

Use Case

Currently assessing their vendors for the following:

• Cybersecurity
• Data Privacy

Results

Prevalent is considered very important for the following vendor lifecycle stages:

• Intake and vendor onboarding
• Scoring inherent risks
• Assessing vendors and remediating risks
• Continuously monitoring for vendor cybersecurity, reputational and financial risks

Agrees with Prevalent’s abilities and results:

• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: agree
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need: agree

Introduction

This case study of a small business professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

Their primary vendor risk assessment pain points were:

• Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
• Too much time spent manually onboarding new vendors
• Lack of visibility into the baseline risks with a new vendor
• Complex, manual assessment processes (e.g., using spreadsheets)
• No real-time insight into vendor cyber, reputational, and/or financial risks

Estimated time spent on vendor sourcing and selection:

• Before Prevalent: 1 week+
• Since Prevalent: 4+ hours

Estimated time spent on vendor intake and onboarding:

• Before Prevalent: 1 week+
• Since Prevalent: 4+ hours

Use Case

Currently assessing their vendors for the following:

• Cybersecurity
• Data Privacy
• Reputation

Results

Prevalent’s level of importance on the following vendor lifecycle stages:

• Very important for sourcing and selection of vendors
• Essential for intake and vendor onboarding
• Essential for scoring inherent risks
• Essentialassessing vendors and remediating risks
• Criticalcontinuously monitoring for vendor cybersecurity, reputational and financial risks

Agrees with Prevalent’s abilities and results:

• Prevalent allows us to do our job more effectively
• Prevalent’s vendor risk assessment process is invaluable to our group
• Prevalent reduced the time and complexity required to perform vendor risk assessments:
• They have realized major cost savings with Prevalent’s vendor risk management process
• Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks
• Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need

Introduction

This case study of a medium enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

• Their primary vendor risk assessment pain points were:
  • Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
  • Too much time spent manually onboarding new vendors
  • Lack of visibility into the baseline risks with a new vendor
  • Complex, manual assessment processes (e.g., using spreadsheets)
  • No real-time insight into vendor cyber, reputational and/or financial risks
• Estimated time spent on vendor sourcing and selection:
  • Before Prevalent: 1 week or more
  • Since Prevalent: 1 day+
• Estimated time spent on vendor intake and onboarding:
  • Before Prevalent: 1 week+
  • Since Prevalent: 1 day+

Use Case

• Currently assessing their vendors for the following:
  • Cybersecurity
  • Data Privacy

Results

• Prevalent is critical on the following vendor lifecycle stages:
  • Sourcing and selection of vendors: critical
    **Intake and vendor onboarding: very Important
  • Scoring inherent risks: very Important
  • Assessing vendors and remediating risks: very Important
  • Continuously monitoring for vendor cybersecurity, reputational and financial risks: important
• Level of agreement:
  • Prevalent allows us to do our job more effectively: agree
  • Prevalent’s vendor risk assessment process is invaluable to our group: strongly agree
  • Prevalent reduced the time and complexity required to perform vendor risk assessments: strongly agree

Introduction

This case study of a large enterprise professional services company is based on a June 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

• Their primary vendor risk assessment pain points were:
  • Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
  • Too much time spent manually onboarding new vendors
  • Complex, manual assessment processes (e.g., using spreadsheets)
  • No real-time insight into vendor cyber, reputational and/or financial risks
• Estimated time spent on vendor sourcing and selection:
  • Before Prevalent: 4+ hours
  • Since Prevalent: 2-4 hours
• Estimated time spent on vendor intake and onboarding:
  • Before Prevalent: 2-4 hours
  • Since Prevalent: less than 1 hour

Use Case

• Currently assessing their vendors for the following:
  • Business Resilience
  • Cybersecurity
  • Data Privacy

Results

• Level of agreement:
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: agree
  • Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need: agree
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: agree
  • Prevalent provides a programmatic process to offboard vendors that reduces risk: agree
• Prevalent is critical on the following vendor lifecycle stages:
  • Sourcing and selection of vendors: important
  • Intake and vendor onboarding: very Important
  • Scoring inherent risks: critical
  • Assessing vendors and remediating risks: very Important
  • Continuously monitoring for vendor cybersecurity, reputational and financial risks: critical
  • Managing ongoing vendor performance and SLAs: important
• Level of agreement:
  • Prevalent allows us to do our job more effectively: agree
  • Prevalent’s vendor risk assessment process is invaluable to our group: agree
  • Prevalent reduced the time and complexity required to perform vendor risk assessments: agree

Introduction

This case study of a large enterprise professional services company is based on a July 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

• Their primary vendor risk assessment pain points were:
  • Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
  • Too much time spent manually onboarding new vendors
  • Complex, manual assessment processes (e.g., using spreadsheets)
• Estimated time spent on vendor sourcing and selection:
  • Before Prevalent: 1 day+
  • Since Prevalent: 2-4 hours

Use Case

• Currently assessing their vendors for the following:
  • Business Resilience
  • Cybersecurity
  • Data Privacy

Results

• Level of agreement:
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: agree
  • Prevalent provides a programmatic process to offboard vendors that reduces risk: agree
• Prevalent is critical on the following vendor lifecycle stages:
  • Intake and vendor onboarding: important
  • Scoring inherent risks: important
  • Assessing vendors and remediating risks: important
• Level of agreement:
  • Prevalent allows us to do our job more effectively: agree
  • Prevalent’s vendor risk assessment process is invaluable to our group: agree
  • Prevalent reduced the time and complexity required to perform vendor risk assessments: agree

Introduction

This case study of a large enterprise professional services company is based on a July 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

• Their primary vendor risk assessment pain points were:
  • Lack of visibility into the baseline risks with a new vendor
  • No real-time insight into vendor cyber, reputational and/or financial risks
• Estimated time spent on vendor sourcing and selection:
  • Before Prevalent: 1 week or more
  • Since Prevalent: 1 day+
• Estimated time spent on vendor intake and onboarding:
  • Before Prevalent: 1 week+
  • Since Prevalent: 1 day+

Use Case

• Currently assessing their vendors for the following:
  • Business Resilience
  • Cybersecurity
  • Data Privacy

Results

• Level of agreement:
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: agree
  • Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need: agree
  • Prevalent provides a programmatic process to offboard vendors that reduces risk: agree
• Prevalent is critical on the following vendor lifecycle stages:
  • Sourcing and selection of vendors: important
  • Intake and vendor onboarding: important
  • Scoring inherent risks: important
  • Assessing vendors and remediating risks: important
  • Continuously monitoring for vendor cybersecurity, reputational and financial risks: important
  • Managing ongoing vendor performance and SLAs: important
  • Offboarding and termination of vendors: important
• Level of agreement:
  • Prevalent allows us to do our job more effectively: agree
  • Prevalent’s vendor risk assessment process is invaluable to our group: strongly agree
  • Prevalent reduced the time and complexity required to perform vendor risk assessments: agree
  • We have realized major cost savings with Prevalent’s vendor risk management process.: agree

Introduction

This case study of a large enterprise professional services company is based on a July 2021 survey of Prevalent customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

Challenges

• Their primary vendor risk assessment pain points were:
  • Too much time spent scouring through disconnected sources of information to make good risk-based vendor selection decisions
  • Too much time spent manually onboarding new vendors
  • Lack of visibility into the baseline risks with a new vendor
  • Complex, manual assessment processes (e.g., using spreadsheets)

Use Case

• Currently assessing their vendors for the following:
  • Cybersecurity
  • Data Privacy

Results

• Level of agreement:
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: strongly agree
  • Prevalent provides the real-time cybersecurity, reputational and financial intelligence they need: strongly agree
  • Prevalent provides the inherent risk visibility they need to focus on specific areas of their vendors’ risks: strongly agree
  • Prevalent provides a programmatic process to offboard vendors that reduces risk: strongly agree
• Prevelant is critical on the following vendor lifecycle stages:
  • Sourcing and selection of vendors: important
  • Intake and vendor onboarding: essential
  • Scoring inherent risks: essential
  • Assessing vendors and remediating risks: essential
  • Continuously monitoring for vendor cybersecurity, reputational and financial risks: essential
  • Managing ongoing vendor performance and SLAs: very Important
  • Offboarding and termination of vendors: very Important
• Level of agreement:
  • Prevalent allows us to do our job more effectively: strongly agree
  • Prevalent’s vendor risk assessment process is invaluable to our group: strongly agree
  • Prevalent reduced the time and complexity required to perform vendor risk assessments: strongly agree
  • We have realized major cost savings with Prevalent’s vendor risk management process.: strongly agree