Third-Party Risk Management

Vendors can attach all necessary or requested evidence in one link. Vendors should ensure that these link(s) are secured and accessible to the authorized requestor only. Additionally, vendors may utilize their preferred cloud storage service (e.g., Google Drive, Dropbox, Sharepoint, etc.) to maintain full control over shared data. CTM360 has no visibility on any of this shared data.

You can invite your vendor to our Community Edition platform for free, allowing them to have limited visibility of their data, including existing issues, to help them address and resolve them effectively.

The amount of credits you receive within the RiskHub module depends on the package you are currently subscribed to, along with the ability to add more requests by sending out a mail to our team at monitor@ctm360.com. Currently, there is no limit on the number of portfolios you can create as long as you have the required credits to populate these portfolios.

Third-party risk profiling helps organizations gain insight into the cybersecurity posture of their vendors, partners, and customer licensees, as well as potential prospects, thus understanding the possible risks that might occur while being associated with them. Being aware of your organization’s third-party cybersecurity posture helps you decide whether to initiate, maintain, or terminate business with them. This leads to a secure cyber ecosystem, reducing potential financial and reputational damages.

Yes, users can create new custom questionnaires by navigating to the 'Builder' section. Within this section, users can leverage our comprehensive control question library to create a tailored questionnaire that aligns with their requirements.