Skip to content

Featured Search

Vendor risk management

Third-party vendors. First-rate risk management.

Third-party vendor relationships are more complex than ever, with growing pressure from stakeholders and regulators. Our vendor risk management solution enables you to manage and optimise your vendor relationships.

Take a product tour

Know your vendors

Ensure 360-degree awareness of your vendor relationships to pinpoint risks.

  • Identify weaknesses in doing business with critical third party vendors

  • Visualise fourth party concentration to identify risks

  • Prioritise and manage risk remediation

  • Maintain accurate documentation of vendor assessments, issues, and communications

  • Directly link vendor management to your operational resilience and business continuity planning

  • Enable seamless vendor access via SSO to streamline real-time data sharing between relationship owners and vendors

Assess and monitor

Use vendor-sourced data and integrated security ratings intelligence to establish aggregated risk ratings and monitor emerging issues.

  • Rate vendors across all risks – financial, policy, security and operational

  • Stay ahead of future problems through automated vendor security and regulatory questionnaire engine

  • Challenge or validate vendor claims with external cybersecurity ratings data

  • Schedule internal reviews of performance, impact and status, in order to monitor and assess vendor contract service levels on an ongoing basis

Act and communicate

Ensure rapid response times and seamless communications through user-centric interfaces, powerful dashboards and reports that keep you aware of developments and issues as soon as they arise.

  • Engage staff through role-based dashboards

  • Provide holistic insights through connected data

  • Optimise productivity with workflow alerts and reminders

  • Manage reporting with consolidated information and powerful visual reports

Ensure compliance with cybersecurity and regulatory standards

Comply with current and expected regulatory requirements in place in your industry, including ESG and modern slavery legislation.

  • CISC – Critical infrastructure risk management program rules

  • APRA – CPS 234 (Information Security), CPS 231 (Outsourcing), CPS 230 (Operational risk management)

  • ASIC – Cyber resilience good practices

  • Ensure CPS 230 compliance with our APRA-aligned report, making it easy to submit your material service provider register

Vendor risk management brochure.

Find out how our vendor risk management solution allows you to manage vendor risk and avoid disruption.

Read brochure

Vendor risk management eBook.

Why and how to build an effective third-party vendor risk management program.

Read eBook

Take a product tour.

Our recorded product tour demonstration video takes you through the key areas of our vendor risk management solution.

Take a product tour

Buyer’s guide.

What an ERM solution is, why you need one, and how to make the right choice.

Get the buyer’s guide

Protecht ERM: End-to-end visibility and management of vendor risk

Structured data

A holistic picture of vendor risk management across your organisation.

  • Centralise vendor details, questionnaires, ongoing assessments, contracts and documents
  • Easily manage vendor actions, incidents, findings and issues, renewals
  • Integrate with external ratings data of a vendor’s cybersecurity posture across several risk factors
  • Link to centrally controlled risks, controls, obligations
  • Integrate with IT risk, resilience and business continuity management 

Learn more

Actionable insights

Granular and holistic insights across the spectrum of vendor risk management.

  • Health of your entire vendor portfolio 
  • Insights on vendor management, risks, questionnaires, and reviews 
  • Easily track and report on vendor findings and issues 
  • Integration with enterprise risk scorecard dashboard 
  • Quickly identify risks visualising fourth party concentration

Learn more

User experience

Intuitive workspaces, dashboards and workflows for fast follow-up and maximum productivity.

  • Streamlined workspace for vendor risk managers to easily assess, analyse and report on all vendors 
  • Simple, secure interface for vendors to view and quickly respond to your requests 
  • Digital workflows with automated alerts and reminders for actions and reviews  
  • Scheduler to automate report generation and distribution 
  • Reduce friction in onboarding by allowing vendors to log in to the VRM Vendor Portal using your organisation's SSO.  

Learn more

Risk visualisation and reports

Powerful visualisations and reports, making it easy to collaborate and communicate with all stakeholders from front line to senior management.

  • Custom reports generated at the click of a button
  • Dynamic vendor risk profiles
  • Clear visualisations for efficient collaboration

Learn more

Preconfigured content – for a turnkey launch

Optimise your vendor risk management at the click of a button with preconfigured registers, dashboards and reports.

Explore some of the assets that are included within our VRM offering:

Vendor Management

Streamline your assessment, monitoring and management of risk from third party suppliers. The Vendor Management registers and dashboards help you:

  • Gain a centralised, integrated view of your vendors, their contracts, and their risk profile

  • Keep on top of vendor reviews

  • Provide oversight and management with analytic insights on active vendors, their attributes and related risk management activity

Vendor Findings and Issues Management

This package supports management of findings and issues relating to third party suppliers. The pre-designed register and dashboard help you:

  • Identify vendor issues in a central register early

  • See findings and issues by status and trend and group the information by rating from extreme to low

Vendor Actions Management

Gain visibility of risk and compliance management actions to ensure they are carried out by the right people and at the right time. The Actions Management register and dashboard help you:

  • Create and supervise any type of action

  • Have clear visibility for actions for internal team and actions for vendor by progress, ratings and monthly trend

  • Follow-up and escalate actions

  • Identify overdue actions

Questionnaire Management

Keep control of all relevant due diligence questionnaires between you and your vendors and have a clear view of all the important actions between and your vendors. The Vendor Questionnaire register and the Vendor Due Diligence dashboard allow you to:

  • Have a clear summary of key data from vendor questionnaires at various stages

  • Quickly see the number of finding and issues and the pending actions for your team and the vendor

  • Notify vendors when a new questionnaire is assigned and due

  • Notify relationship owners when questionnaires have been submitted by vendors and ready for review

SIG Questionnaires

Assess vendor risk across 21 different risk domains with Shared Assessments' Standardized Information Gathering (SIG) Questionnaires. The comprehensive set of questions is updated yearly to keep up with the ever-changing risk environment and priorities.

  • Includes SIG Core and SIG Lite

Vendor Risk Assessment and Management

Assess vendor risk and rate the risk categories, and link relevant risk and controls in the library. The Risk Assessment report and the Vendor Risk dashboard help you:

  • Identify vendor risks in a central register and schedule ongoing reassessments

  • Rate the vendor risk and link relevant controls in the controls library​

  • See key data of vendor portfolio and risks ratings

  • Clearly see the information grouped by risk categories such as vendor criticality, vendor service type, business unit and control effectiveness

Vendor Fourth Party Concentration

Record and visualise fourth parties (vendor’s third parties) with a Fourth Parties register and dashboard to help you:

  • Identify where a fourth party is relied upon by multiple vendors, creating concentration risk for the organisation

  • Segment data with different filters including vendor tier, service type and criticality​

Monitoring and Review Management

Streamline ongoing reviews and tasks to ensure they are carried out by the right people and at the right time. The Monitoring Register and the Vendor Periodic Reviews Dashboard allow you to:

  • Enable users to capture scheduled and completed reviews

  • Identify when reviews are overdue and coming up

  • Filter the information using different options that include review type, due date for contract renewals and vendor status​

Vendor Health Scorecard Dashboard​

This dashboard gives instant visibility into your vendor health score. Understand state of your vendor portfolio, quickly identify underperforming/high risk vendors – drill into detail if required to understand why.

Vendor Summary Report​

This report shows a summary of key information and activities for an individual vendor that can be generated and shared with the vendor to understand and improve performance.

Contract and Document Management

Automate reminders for expiring contracts and documents to ensure details are up to date. This includes dedicated Contracts and Document registers that offer you:

  • A central list of executed vendor contracts and agreements that captures key details such as value, expiry date

  • A central list of vendor documents such as insurance and certifications

Case study

Pinnacle stays in control worldwide with Protecht

"The value of this can’t be overstated. In an industry where analytical skills account for much of your success as a company, we’re able to better leverage our intellectual capital."

Cameron Drinan

Risk & Compliance Manager | Pinnacle Investments

See this story

Find out more about vendor risk management

Thought leadership and product demonstration webinars

Thought leadership webinar

Vendor risk management: When due diligence ends and risk management begins.

Watch on demand

Product demonstration webinar

Secure your supply chain. Strengthen your strategy.

Watch on demand

Thought leadership webinar

Cyber risk: Get on top of your controls and frameworks.

Watch on demand

Product demonstration webinar

Third-party vendors. First-rate vendor risk management.

Watch on demand

Related industries

Find out how Protecht’s industry expertise can help your vendor risk management teams meet their business requirements across our key industry verticals:

  • Banking

    Manage risk and compliance with a platform configured to empower banks and credit unions.

    Learn more

  • Insurance

    Stay on top of regulatory requirements with real-time reporting that gives every user risk ownership.

    Learn more

  • Fintech

    Manage risk and compliance with a platform designed for rapid growth in a rapidly changing environment.

    Learn more

  • Education

    Manage risk with a platform configured to support staff, students and your business needs.

    Learn more

  • Government

    Manage risk and compliance with a platform configured to meet the needs of government entities.

    Learn more

  • Aged care

    Manage risk and compliance with a platform designed to enhance safety and accountability in aged care.

    Learn more