As we process more and more information be that client, financial, product or HR, we find ourselves increasingly dependent upon suppliers and other third parties. Such parties may have either direct or indirect access to our organisation’s information and information systems, or may be providing software, hardware, processes or human resources that will be involved in information processing.

So, when you assess the security and the privacy of your information, you need to ensure you fully assess the risks posed by suppliers and others. As with the adage ‘you are only as strong as your weakest link’, suppliers may well represent your greatest vulnerability.

As such, the supplier due diligence aspect of risk management is absolutely paramount in ensuring that your suppliers have the required and appropriate measures in place for information security, privacy and data protection. One of the key challenges in conducting supplier due diligence, however, is ensuring that your assessment (often in the form of questionnaires) is tailored to the role of that supplier or third party and what information they have access to.

Many organisations use the same questionnaire for all suppliers. This results in something which is overkill for low-risk suppliers (e.g. suppliers of office stationery) and not sufficiently detailed for a high-risk supplier or partner (e.g. new hosting provider).

How can supplier risk management software or tools help?

Supplier risk management software can help organisations to automate the due diligence and monitoring tasks and be able to centralise risk management in one place.

In addition, risk management processes can be streamlined and efficiency can be significantly improved, particularly in repetitive and time-consuming administrative tasks. Reporting is another area where risk management software can dramatically reduce the time and effort involved.

Download Abriska 27036 Product Sheet

Abriska 27036 overview

We were impressed with the implementation and management of the Abriska tool. The service we have received is of a high quality due to the Team’s attention to detail, proactiveness and implementation of enhancement requests from the dev side. The Board is also impressed with the tool and is looking to complete an organisation-wide implementation soon. We will definitely recommend other charity contacts to use the tool, as it is well priced and comes with excellent customer service.

Masonic Charitable Foundation