Third party risk management | Supplier risk assessment | Supplier risk management

3rd party risk management

Request a Demo

Automated pre-filled surveys

Accelerate your privacy program using our automated surveys that cover PIA & DPIA.

Automated pre-filled surveys

Key features

  • PIA & DPIA templates for your vendors
  • Data privacy good practice templates
  • Automated surveys
Easy assessment of partner data handling risk. Surveys auto-determine the information required to assure vendor due diligence. Covers PIA and also DPIA if required. Integrated workflow allowing single or batch surveys. Pre-populated surveys for ongoing attestation.

Transfer impact assessment

Identify which processes are performed by your 3rd party processors and how they manage your data securely

Decide the level of assessment you require. Configure our survey too. Covers PIA and also DPIA if required. See third party processors ranked by risk. Focus on your biggest exposures first. Manage your suppliers to compliance and mitigate the risk they pose to your business.

Key features

  • Vendor risk assessment survey
  • Automatic vendor risk assessment
  • Store their certifications
  • Manage non-compliances and gaps
Transfer impact assessment

Automated vendor risk

Assessment of the regimes in certain jurisdictions can evidence undertaking of due diligence on a jurisdiction.

Automated vendor risk

Key features

  • Pre-filled risk templates
  • Fully configurable vendor surveys
  • Configurable risk calculations
  • Vendor contract management
  • Track vendor shared data
Know which of your partners uses your data and on what legal basis you provide access. Manage the contractual relationship. Surveys auto-determine the information required to assure vendor due diligence. Visualise data transfers.

Automatic Schrems II contracts

Proteus NextGen is enterprise software that already audits third parties for everything required by the new TIAs, thereby providing the case-by-case assessment required by the Schrems II ruling.

Hosted in the EU as a SaaS platform, systems can be provisioned within half a day if required.

Key features

  • Import your third-party vendor list.
  • Issue the preconfigured surveys which incorporate a full TIA.
  • Automatically risk assessed to enable easy prioritization of activity.
  • Contracts incorporate the latest SCCs as soon as the EU Commission issues them.
  • Automated sign off completes the process.
  • Easy ongoing review for subsequent years.
Automatic Schrems II contracts

Predefined vendor document templates

Use our predefined data privacy templates to accelerate establishment of best practice

Predefined vendor document templates

Key features

  • Predefined data privacy templates
  • What policies and procedures do your vendors have?
If you don't have your own vendor policies and procedures you can draw upon our templates. Manage vendor compliance against your choice of prerequisites.

Transfer Impact Assessment Data Mapping

Understanding what data your vendor has, where the data is held, what processes use it, who they share it with, where they back it up and what security measures they apply is fundamental to a good secure data privacy program.

Capture what data of yours your vendor holds, why they have it and how they use it (each and every process). Understand how they look after it (security, retention, backups etc) and bring this all together into your data register. Now add flexible reporting and visualisation capabilities and you will be in control of your data and will mitigate the risk of your vendors mishandling your data.

Key features

  • Process data mapping
  • Application data mapping
  • Asset data mapping
  • Data register
  • Data security
  • Data disposal
Transfer Impact Assessment Data Mapping

Contract management

What contracts do you have to manage the legal basis on which you share data with any 3rd party? NextGen includes contract management to manage this process, with workflow to review them regularly.

Contract management

Key features

  • Full workflow for vendor management
  • Automated renewal reminders
  • Vendor due diligence
What contracts do you have to manage the legal basis on which you share data with your 3rd parties? Select which documents (contracts, SLAs, binding corporate rules, policies, etc) are required for the relationship. Use yours or use one of our templated documents. Store these against the vendor. Manage this process using our integrated workflow to review them regularly. Mitigate the risk of vendor non-compliance.

Legal basis for sharing data

Capture the consent and legal basis for sharing data with 3rd party processors

Ensure that you have a valid legal basis for sharing personal data with a third party vendor. If not, ensure that yu have obtained the necessary client consent for that vendor.

Key features

  • Key performance indicators
  • Automated renewal reminders
  • Workflow for management
Legal basis for sharing data

Ready to see it in action?

Request a Demo    Learn more about Proteus® NextGen