Vector
Vector

Choose a topic

What resources are you looking for?

News
The race for GDPR compliance

The European Union (EU) is getting serious about data privacy. With a new regulatory regime set to go into effect in late May, organizations are scrambling to complete compliance projects.

Compliance
eBook
EBook - The Ultimate Guide: The Definitive Third-Party Risk Management Maturity Journey

In our latest guide, we explore how to improve your vendor risk management program with SureCloud’s practical 7 stage model. Read more here.

Third-Party Risk
eBook
eBook - The Definitive IT Compliance Management Maturity Journey

In our latest expert guide, we explore how to improve your compliance management program with SureCloud’s practical 7 stage model. Read more.

Compliance
Template
Template - Third-Party Tiering Assessment Template

Our helpful template allows you to gain 100% vendor coverage and prioritise your vendors effectively. Download your copy here!

Third-Party Risk
eBook
eBook - Choosing the Right Governance, Risk & Compliance (GRC) Tool

Our experts provide insight into how to pick the right GRC tool for your organization. Learn more about what makes a good GRC Platform.

GRC
eBook
eBook - Re-certifying ISO27001

Download our ISO Guide that provides insight and tips for businesses to follow while working towards ISO re-certification remotely.

Cybersecurity
Checklist
Checklist - Get Really Organised For ISMS Audit

Our checklist will get you organised for an ISMS audit. Divided into People, Process and Technology making your to-do list easier to manage

Cybersecurity
Datasheet
Datasheet - Secure Controls Framework (SCF)

SureCloud users can now utilise the SCF control content and mapping into their SureCloud Compliance Management solution. Download the datasheet here.

CCM Compliance
eBook
eBook - Selecting the Right Third-Party Risk Tool

Our latest guide provides expert insight on the do’s and don’ts when choosing a third-party risk management tool. Download here!

Third-Party Risk
GRC, Third-Party Risk

SureCloud Adds Third Party Assurance Capability to Collaborative Compliance Platform

SureCloud Adds Third Party Assurance Capability to Collaborative Compliance Platform
Written by

SureCloud

Published on

28 Mar 2024

SureCloud Adds Third Party Assurance Capability to Collaborative Compliance Platform

 
 

SureCloud®, a supplier of IT Governance, Risk and Compliance (GRC) solutions, today announced the immediate availability of Compliance Manager as part of its SaaS-based Collaborative Compliance Platform™. Compliance Manager offers a practical and proven alternative to the currently available IT GRC options. It is designed for organisations that need to implement a number of IT GRC processes within a short time frame and at a reasonable price.

 

Any process, for example Compliance Auditing, Incident Response, Policy Compliance or Risk Management, can be automated simply with Forms, Workflows and User Definable Dashboards. Third Party Assurance capabilities, targeted at helping enterprise organisations automate and efficiently manage their third party assurance programmes, further extends the capabilities of the Compliance Manager module.

 

In 2012 the average cost of each security incident at a major enterprise is estimated to be between £110,000 and £250,000*. A large number of major enterprise breaches originate in third party suppliers; while large organisations usually have dedicated security teams and a range of sophisticated security audit tools at their disposal many of their smaller third party suppliers do not, and since sensitive information is being shared with them, they have to be assessed for risk. The standard method for performing these risk assessments is to ask external suppliers to complete a set of manually created spreadsheet-based questionnaires. For some organisations the number of third party suppliers can run into thousands, making the process extremely time consuming, labour intensive, inefficient and expensive.  With the Compliance Manager module organisations can create any number of user-defined questionnaire templates and simply distribute, collate, track and manage them all within a single cloud-based collaborative environment.

 

“Large organisations can spend many man hours manually creating and tracking spreadsheet-based security questionnaires for third parties with little control over how they assign or monitor actions,” said Nick Rafferty, Chief Operating Officer at SureCloud. “SureCloud’s Compliance Manager allows them to track responses, manage outstanding tasks and access management information across all suppliers in real-time from a single dashboard. As a result of introducing an efficient Third Party Assurance process, organisations can massively reduce the time and cost of running these programmes.”

 

SureCloud’s Compliance Manager extends compliance support for Third Party Assurance processes – all managed within a single, fully-customisable platform. Questionnaires can be instantly generated with granular permissions to control exactly what each third party can view and update. Third parties are given controlled access to the Collaborative Compliance Platform to complete their questionnaires and upload supporting evidence where appropriate.

 

 

The Compliance Manager now offers the following enhanced features and benefits:

  • Actions can be allocated to third parties based on their response (or lack of response) to security questionnaires
  • Auditors and third parties alike can manage and track actions from start to finish
  • Dashboards provide a real-time summary of the Third Party Assurance Initiatives; obviating the labour intensive, manual process of summarising data from spreadsheets – for example, identifying common areas of compliance failure across thousands of suppliers
  • User based pricing allows organisations a lower entry point to get themselves up and running quickly

 

SureCloud’s Collaborative Compliance Platform is a SaaS-based pay-as-you-go offering that allows businesses of all sizes to access a range of IT GRC and information security solutions (such as vulnerability management) as well as gain real-time actionable intelligence relating to their compliance status.

 

 

 

About SureCloud

SureCloud supplies a Software-as-a-Service solution that enables organisations to greatly simplify and cost-effectively manage their IT Governance, Risk and Compliance (IT GRC) initiatives. Established in 2006, SureCloud is a British company based in Reading, Berks, with more than 250 customers throughout the UK from the Retail, Financial Services and Government sectors, including a large number of local authorities.

https://www.pwc.co.uk/en_UK/uk/assets/pdf/olpapp/uk-information-security…  PwC Information security breaches survey – April 2012