New Onspring Third-Party Risk Management (TPRM) Product Addresses Evolving Regulatory Landscape

 New Onspring TPRM software solution helps clients manage and mitigate risk.

OVERLAND PARK, Kansas, September 18, 2024 —Onspring, a leading no-code SaaS GRC automation software, today announced the release of Onspring Third-Party Risk Management (TPRM), developed specifically to help organizations identify and respond to potential risks throughout the entire lifecycle of a business relationship. Onspring TPRM introduces a comprehensive and flexible set of features to promote efficiency while providing effective onboarding, assessment, analysis, and response workflows. Built on Onspring’s no-code platform, Onspring TPRM empowers risk practitioners to provide business leaders with third-party intelligence that promotes risk-based decision-making.

Leveraging and working within the Onspring platform and portal, Onspring TPRM facilitates safe, secure, and convenient interactions with third parties, and delivers a personalized workspace for third-party resources to respond to information requests, tasks, and assigned assessment activities. Additionally, Onspring TPRM analyzes, captures, and continuously monitors critical risk data — cyber, financial, operational, and reputational — and then manages and safeguards that information in one central place. By understanding where the potential threats are from third parties — and the fourth-party vendors they are associated with — business and IT leaders in today’s key industries can identify existing vulnerabilities and potential threats to improve their security posture.

“Organizations today are increasingly concerned by the potential threat of a cyber event — and with good reason. Twenty percent of cyber breaches today are caused by a third-party vendor. With Onspring Third-Party Risk Management (TPRM), organizations can prioritize resources based on risk while offering a collaborative and transparent experience for their vendors,” said Brett Sommers, Director of GRC Products, Onspring. “With Onspring TPRM, we are arming clients with a much-needed and necessary tool they’ve been seeking. This latest innovation empowers them to establish a more robust TPRM program in even the most stringently regulated environments  — now and for years to come.”

Key Benefits

Onspring TPRM provides leaders and analysts with the due diligence they have been seeking to identify, target, and inform them of the riskiest partners and where they are most vulnerable. This helps to preserve the company’s reputation, assets, and revenue.

• Identification: Documents third-party profiles and engagements, identifies relevant risk domains, and segments engagements into risk tiers to align with pre-defined due diligence requirements.
• Analysis: This includes third-party discovery, review of automated workflows, risk collection, and engagement, vetting of third parties, and in-scope risk domains (and overall scores) via a scalable risk questionnaire.
• Assessment: A scoped evaluation of the concerned areas’ control posture based on the risk profile of the client relationship is necessary.
• Continuous Monitoring: Ongoing monitoring and engagement; enrollment of a recurring assessment schedule; periodic performance surveys; and security rating service monitoring.
• Better Adoption: This is a tailored and configured approach for each client via pre-configured questionnaires, rules, and reassessment based on response to ensure an effortless, efficient, and secure user experience.

Available now, more information about Onspring TPRM can be found at https://onspring.com/solutions/governance-risk-compliance/third-party-risk-management/.

About Onspring

Onspring is no-code GRC software that connects data and teams to improve business intelligence, governance, alignment, and resilience. When people are empowered to create their own workflows, processes, requirements, and reporting, teams are more productive, and businesses run better. With close to two million users worldwide, Onspring’s software helps businesses in every industry track and better manage their workflows.