Managed Vendors helps you manage your third-party vendor risk. UpGuard analysts collect the evidence necessary to assess vendors on your behalf and present their findings in a comprehensive report that is securely stored within the UpGuard platform. Reports are based on the analysis of security questionnaires, compensating control information, public security documentation, and security ratings data.

This service is designed to help you scale up your third-party risk management processes without having to hire additional staff by using our team of analysts. Whether you’re a small business with a few vendors who just wants to ensure their third-party risk management is sufficient or a large multinational with hundreds of vendors, we can help. For small businesses who may not have in-house third party risk experts, the analyst team can be engaged for expert assessment of critical suppliers. For large companies, UpGuard’s analyst team provides an elastic pool of experts who can help process large numbers of vendors so that your SMEs can focus on larger business processes.

If you are interested, please contact us so we can learn about your needs, help you understand how pricing works, and get you set up.

Once you’ve been set up, you’ll be able to add vendors to your Managed Vendors, request an assessment, monitor the progress of your requests, and review complete assessments from within the UpGuard platform. Here’s how the process works:

  • Step 1: After requesting a vendor assessment, an UpGuard analyst will be assigned and work with you to understand the services the vendor provides, past interactions with the vendor, when the assessment should be completed, and the kind of assessment appropriate for them.
  • Step 2: The analyst will gather evidence including: a security questionnaire completed by the vendor, any security documentation they have published, a search for data leaks using UpGuard’s proprietary technology, and the security rating information.
  • Step 3: The analyst will review all available information and return a written assessment identifying significant risks and any compensating controls or explanations provided by the vendor. Each vendor will then be scheduled for an annual reassessment to maintain a secure third party supply chain.

Vendors that are managed by UpGuard will also show up in the list of all vendors in Vendor Risk. Any vendors managed by UpGuard will not count toward the license usage of self-managed vendors.

Did this answer your question?