Abriska 27036 - Supplier Risk Management Tool

Business Challenge

All organisations rely on support from third-party organisations and suppliers. Assessing the risk associated with these third parties is critical to ensuring that supplier risk is minimised and your organisation remains secure/ and the information security measures implemented by key supplier meet your expectations. Typically, a single self-assessment questionnaire is sent to all suppliers, irrespective of the criticality of the third party or the services that they offer.

How Abriska 27036 Delivers Effective Supplier Risk Management

Abriska 27036 is designed and pre-mapped to provide you with an automated method of conducting supplier information security risk assessments, allowing you to define the level of granularity based on the risks that suppliers pose to your organisation and the information the suppliers have access to. Abriska 27036 also minimises the administrative overhead of sending security assessment questionnaires to multiple suppliers. Abriska 27036 achieves this by:

  • Enabling a single register of all third parties and suppliers to be captured
  • Categorising each supplier based on the services they provide to your organisation and the potential risk they pose
  • Establishing a level of priority based on the information the third party has access to
  • Managing the questionnaire administration process with email notifications and reminders until they are completed, online and directly into the central database
  • Clearly reporting the risks associated with each supplier based on your risk appetite, enabling you to make informed decisions and be in a position to discuss and track any risk treatment actions necessary for any specific supplier.

Alternatively read the Abriska 27036 product sheet for a full breakdown of the methodology and benefits of Abriska.