RSA Archer Vendor Management automates and streamlines the oversight of vendor relationships. This web-based vendor-management software facilitates risk-based vendor selection, relationship management, and compliance monitoring as part of a governance, risk management, and compliance (GRC) program.
With Vendor Management, you can establish a vendor management process by centralizing third-party data, reporting on activities related to vendor risk and performance, and consistently and repeatedly assessing suppliers. The solution enables organizations to:
Vendor On-Boarding – Evaluate prospective vendors and conduct a due diligence review to assure the third party does not pose an unnecessary risk to your business. Based on the results, the vendor manager can approve the vendor as an active third party supplier.
Relationship Management – Aggregate key vendor information including profiles, subsidiary hierarchy, sub-contractor relationships, contacts, facilities, contracts and engagements, financial statements, SSAE16s and certificates of insurance.
Vendor Risk Assessments – Use pre-loaded questionnaires to evaluate inherent and residual risk across Sustainability, Diversity, Information Security, Compliance/Litigation, Resiliency, Strategic, Financial and 4th Party risk categories. In addition, you can import your own questions and quickly build new assessments. Once your assessment is established, you can deliver online assessments to vendors and relationship managers. The system then calculates risk and compliance ratings and next assessment dates from the assessment results and allows you to modify the scoring formulas through a point and- click interface. The organization can assess the nature and status of each finding, including the vendor response and appropriate mitigation procedures, and can track the status of remediation tasks.
Third Party Performance Review – Evaluate and monitor the vendor relationship by tracking key performance indicators, SLA objectives and the status of deliverables. The vendor scorecard provides an indicator for their performance against pre-defined SLA metrics enabling organizations to verify the vendor’s quality of work, mitigate risks and drive continuous improvement.
Benefits of RSA Archer Vendor Management include:
Lower risk, greater compliance – Reduce reputational risk and ensure regulatory compliance by enforcing risk management policies and controls and standardizing your vendor assessment process.
Automation – Auto-calculate vendor tiers, risk ratings, next-scheduled review dates, and compliance monitoring status based on assessment results.
Savings – Lower resource and travel expenses to perform third-party risk analyses and maintain vendor oversight.