<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
BitSight

Third Party Tiering: The Cornerstone of a Strong Third-Party Risk Management Program

Noah Simon | September 7, 2018

With the number of third parties connected to businesses increasing, risk and security teams need to ensure they are spending the right amount of attention on the right third parties. To do this, organizations need a clearly defined, tiered portfolio of third parties, vendors, and suppliers. Today, many companies tier their third parties based on the inherent risk they present, and the types of data they handle or have access to.

BitSight now enables customers to easily tier their third parties based on the criticality they present to their business. Customers who have gone through this exercise independently can simply replicate their tiers accordingly in the platform. Users can add a description of each tier and bulk add third parties they are monitoring to the appropriate tier.

Manage TiersManage Tiers is available on the homepage of BitSight Security Ratings portal

 

Tiering & Your Third Party Risk Workflow

Customers can use tiering to ensure they have alerts configured to help bring attention to the right third parties when pressing issues arise. For example, thresholds can be set for alerts when high-criticality third parties experience a drop of any kind. For third parties that are less critical, you can be alerted only for significant performance drops or for the specific risk vectors of greatest concern. Customers can dive into specific tiers to get a view of all companies with a specific risk profile.

Risk Matrix: Assess the State of Third Party Risk in One View

Once customers have configured tiering in their BitSight Security Rating portal, they will see a Risk Matrix on the home page. This matrix provides a clear risk posture overview, clearly illustrating which third parties have security issues that should be reviewed and acted on. Customers should start at the top right and work down to the bottom left of the matrix as they collaborate with third parties to improve risk posture on the most widely-used security ratings platform globally.Risk Matrix

The Risk Matrix is front and center on the homepage of BitSight Security Ratings portal.

 

Conclusion

Tiering is foundational to the success of any third party risk management program. To date, BitSight is the only security ratings platform that guides customers through tiering their portfolio of third parties to streamline workflows and prioritize actions for their program. Customers should reach out to our Customer Success team (success@bitsighttech.com) to ensure they are taking full advantage of Tiering, and be on the lookout for future enhancements soon.


security ratings snapshot 

Suggested Posts

Forrester Recognizes BitSight as a Leader in Cybersecurity Risk Rating Solutions

This past Tuesday, BitSight was named a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 evaluation. This report evaluates the current offering and strategy of vendors in a particular technology market, such...

READ MORE »

BitSight EXCHANGE Recap: Takeaways from the Inaugural Forum

On October 10th, BitSight’s inaugural EXCHANGE forum, the premier event for security and risk professionals, took place at the Intercontinental New York Times Square. Over the course of this one-day event, distinguished business and...

READ MORE »

5 Reasons Not To Miss BitSight’s Inaugural EXCHANGE Event

On October 9th & 10th, BitSight will host EXCHANGE, the premier event for security and risk professionals, at the Intercontinental New York Times Square. Over the course of this one-day event, distinguished business and technology leaders...

READ MORE »

Subscribe to get security news and updates in your inbox.