Welcome to Vendorpedia
Trusted by Over 5,000 Global Customers
The OneTrust Vendorpedia Third-Party Risk Management Platform
Cyber Risk Exchange
Research vendors and monitor performance with a research database and pre-completed assessments
Shared SIG, NIST, ISO, CAIQ Assessments
Security Certification Monitoring
Breach & Regulatory Enforcement Tracking
Vendor Chasing Services™
Enlist a Vendorpedia agent to perform vendor risk assessments on your behalf
Dedicated Assessment Expert Support
Global, Multilingual, 24/7 Availability
Assessments & Due Diligence
Streamline supplier selection, assessment, mitigation, and approvals with workflow automation
Out-of-the-Box Industry Standard Templates
Intelligent Control-Tracking Technology
Personalized Automation Workflows to Meet Your Use Case
Manage the vendor lifecycle, from selection to onboarding and through to supplier termination. Identify bottlenecks and use assessment automation technology to perform faster due diligence, speeding up procurement to get your team the tools they need to succeed, without sacrificing security or compliance.
Fueled by OneTrust DataGuidance Intelligence
Vendorpedia is powered by OneTrust DataGuidance intelligence to offer regulatory, security, privacy, and third-party risk research from over 50 in-house researchers and a global network of 500 lawyers. Research your vendors with a database of aggregated vendor information from public and private sources to understand the state of your vendors’ security, privacy, and compliance programs.
Proactive Monitoring for Ongoing Vendor Oversight
Maintain a watchful eye on all your vendors to identify critical risk and performance changes that occur over time. Get notified and automate actions when changes that affect security, privacy, compliance, and performance arise. With Vendorpedia, you can monitor vendor breaches; regulatory enforcement actions; security certification lapses; SLA performance; 4th-party changes; controls; contract expirations; internal use case changes; and much more. And when these events occur, leverage configurable automation workflows to rapidly respond.
Clarity at Every Level of Your Third-Party Risk Program
Build an inventory of every vendor, with the granularity to track the information you care about most, all while maintaining records for compliance for every product, service, contract, and supplier engagement. Extract and monitor key contract terms and SLAs, as well as keep your vendor inventory up to date.
Prescriptive Functionality for Every Team, from Procurement to IT
Streamline communication across teams with roles-based access controls for third-party risk, infosec, procurement, sourcing, IT, and privacy professionals. Automate task delegation, track activity to maintain audit trails, and configure automation rules to develop systematic processes, as well as increase accountability across your team.
Simplified and Centralized Risk Management
Personalize your risk scoring framework to track inherent and residual risks. Using Vendorpedia, you can flag risks automatically with intelligent assessments and kick off repeatable risk treatment workflows that align to goals. When a risk emerges, take necessary actions, such as accepting the risk, making mitigation recommendations, or assigning controls. Lastly, track risks in a central register to identify risky vendors and prioritize treatment.
As of February 13th, 2020, OneTrust Vendor Risk Management has an Overall Rating of 4.8 out of 5 in the IT Vendor Risk Management market based on 68 reviews.
The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.