RiskRecon’s automated risk appetite configuration capability enables enterprises to automatically produce assessments and action plans based on their unique risk requirements, enabling risk professionals to easily understand and act on their third-party risk.

Salt Lake City, Utah, November 15, 2018 – Building on RiskRecon’s unique capability to automatically risk prioritize issues based on asset value and issue severity, RiskRecon announced a cutting-edge capability that enables organizations to automatically produce third-party cyber risk assessments and action plans that are custom-fitted to match their unique risk appetite.

“This capability enables risk professionals to instantly understand third-party cyber risk within the context of their policy and to easily act on that risk,” explained Kelly White, RiskRecon’s co-founder and CEO. “Manual third-party risk assessment approaches require large amounts of effort to gather and analyze information and determine which issues violate their risk policy. RiskRecon automates this whole process, freeing professionals to focus on strategic third-party risk issues.”

“Managing third-party cyber risk is a NOW priority,” explained Roger Hale, CISO of Informatica, the enterprise cloud data management leader. “Cloud has you outsourcing your infrastructure and integrated systems, but you can’t transfer your data protection liability. Managing risk well requires good, consistent information, and RiskRecon is bringing forward capabilities that enable the automation of 3rd- and 4th-party risk monitoring, alerting, and response. Automation of risk assessment is critical given the perpetual cyber security talent shortages.”

Customers configure their risk appetite through a simple administration interface, selecting from a set of default policies or configuring their own policy. Customers can set their own risk policy for each security criteria through a graphical user interface by selecting the combinations of asset value and issue severity to identify issues important to their organization. For example, if you are not concerned about Spamming issues, then simply deselect all cells of the Risk Priority Matrix.

RR Risk Appetite

In addition to automatically creating custom-fitted risk assessments and action plans, organizations can similarly tune RiskRecon’s continuous monitoring to surface only the material risk issues that violate their risk policy.

About RiskRecon 

RiskRecon is the only continuous vendor monitoring solution that delivers risk-prioritized action plans custom-tuned to match your risk priorities, providing the world’s easiest path to understanding and acting on third-party cyber risk. Partner with RiskRecon to build your scalable, third-party risk management program to realize dramatically better risk outcomes. To learn more about RiskRecon’s approach, request a demo or visit the website at www.riskrecon.com.


Connect with RiskRecon: 

LinkedIn: https://www.linkedin.com/company/riskrecon/

Twitter: @riskrecon