Prevalent, a provider of third-party risk management solutions, has introduced new capabilities to enable organisations to assess their vendors’ readiness for GDPR.
The company’s platform has been expanded to include requirements under GDPR which relate to data privacy identification, mapping, and privacy operational risk controls. To determine a vendor’s readiness for the regulation it now allows organisations to identify which vendors must be assessed for GDPR readiness.
It also enables them to efficiently gather the organisational information needed to assess these vendors, obtain GDPR readiness information and documentation from their vendors, and accurately identify and analyse gaps in vendor preparedness and develop appropriate responses.
“Our solution already addresses the IT security controls and continuous monitoring necessary for GDPR,” said Brad Keller, senior director of third party strategy, Prevalent. “We have expanded our capabilities to provide our customers the means to obtain and analyse their vendors’ ability to satisfy GDPR’s additional requirements for managing data privacy. As regulatory requirements change, we will continue to provide customers the ability to manage vendor risk in a unified platform which addresses the entire vendor lifecycle.”
Prevalent has developed an organisational readiness survey to ensure that the company has identified all the vendors in scope for GDPR and has completed all the new information needed to assess their vendors.
The company gathers information and documentation on all of the data management and privacy operational processes a vendor needs to have in place for GDPR based on the type of EU data they access.
All company and vendor requirements can then be analysed within the Prevalent platform to determine a vendor’s level of readiness for GDPR, identify any necessary action items, and track vendor remediation efforts.
Founed in 2004, Pevalent helps global organisations manage and monitor the security threats and risks associated with third and fourth party vendors. With increasing regulatory pressure, it claims its solutions help reduce risk and cyber exposure to global organisations of all sizes, across industries.
According to a recent survey many companies are behind schedule to achieve Global Data Protection Regulation (GDPR) compliance. The survey sponsored by international law firm McDermott Will & Emery, and carried out by the Ponemon Institute, show that 40% of companies expect to achieve compliance with the regulation after the deadline.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
