The process of Vendor Risk Management includes the profiling, organizing and categorizing of suppliers based on the risk they post to your organization. In this case, the cyber/information security risk is examined. This service is suitable for organizations with an existing supply chain in particular.
Customers of SubRosa who engage in this service can expect improvements to both their internal enterprise risk program as well as supplier relations. Vendor Risk Management enables an organization to not only assess and manage risk, but also to align themselves with suppliers who match their organizational security practices and mission.