Visit a vendor's website, pull all the policies and documentation available, look for security certs, try to find contact information for the privacy officer.
Dig through network traffic, pull data breaches from expensive APIs, look through government websites and news reports for data breaches or other risky behavior
Realize there are limitations to what's possible with public information alone, pulling from APIs leads to technical hurdles, and sometimes you just need to verify with a human
Take everything you've learned, put it together into a spreadsheet to share with your team and document for later, realizing that this spreadsheet will automatically become unusable in the future
After reviewing all the documentation, comparing it against previous years and/or competitive products, make a subjective decision about risk based on your professional experience
According to Verizon's Data Breach Investigative Report, more than 62 percent of data breaches are caused by interactions with a third-party service provider, and experts believe that is conservative. How well do you know your vendors? Our vendor report provides you with insight into all of your vendors, their vendors, and beyond.
Can't figure out how to get in touch with the privacy office at a company? Tired of digging around sourcing websites? Search our directory instead of digging around the web trying to find information about how to get in touch with any one given vendor.
Knowing where your data is stored reduces data privacy and data transfer risk across the globe. Whether processed or controlled, we have mapped out companies data centers, as well as the data centers of their vendors, making it easy for you to understand where your data is being stored.
We pull from, and aggregate, multiple data breach archives providing you with all the publicly available breaches we can find so you can make a better assessment about how much you can trust a company with your data.
Stop chasing down policies and reading each one individually to check for the differences. Our policy analysis system will help you keep up to date and understand what risks are involved in the way the policy is written, what might be missing, how long it will take to read and comprehend, and other critical info to assess risk.
Defining risk within your existing vendors is enough work, forget about having to ever do procurement risk assessments again. Leverage our database connect common products with their alternatives and all the information you need to make informed decisions.