Promote this Nomination
|Company (that provides the nominated product / solution / service)||Ostendio|
|Company size (employees)||10 to 49|
|Type of solution||Cloud/SaaS|
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
The Ostendio MyVCM integrated risk management platform includes MyVCM Vendor Connect, a groundbreaking new solution helping organizations manage risk related to their vendors.
In the past, traditional vendor risk management has relied on static surveys that vendors complete and mail in. There is no way to validate the responses because the supporting documentation isn’t linked. Often, the information doesn’t stay current as vendors change their security programs, company requirements evolve, and regulations change over time.
MyVCM Vendor Connect solves this problem by creating a living ecosystem of vendor assessments. Companies can invite vendors to create and maintain online records of their security and compliance readiness via assessments. Responses link to supporting documentation that is easily accessed and kept up to date. Companies can designate assessments to vendors based on specific regulations, or tailor them to their specific requirements. Using the data from the responses, MyVCM vendors are grouped into different risk pools, giving companies a consolidated and segmented view of their vendor risk landscape.
MyVCM Vendor Connect is just one feature of the Ostendio MyVCM Integrated Risk Management platform. The platform stands out from competitors because:
2. It has a broader reach - Ostendio MyVCM customers automatically become part of the MyVCM Trust Network which allows them to connect with any other MyVCM Customer to send and receive security information.
3. It is more comprehensive - MyVCM supports every aspect of an organization's cyber security program, from policies to asset management, risk management, training, incident management, and more. Essentially the platform can be used to build, operate and showcase every aspect of an organization's security and risk management program.
Ostendio MyVCM™ is an innovative, industry-leading Integrated Risk Management Platform that makes it easier to build, operate, and showcase an organization’s security program. Businesses of any size or industry that need to demonstrate compliance to security standards internally and externally can benefit from Ostendio MyVCM. The platform provides a single solution that incorporates users and requirements from across the enterprise. It gives access to over 150 standards, regulations, and frameworks including SOC 2, FedRAMP, HITRUST, and HIPAA.
Ostendio MyVCM helps companies:
Identify and quantify enterprise risk;
Quickly build and deploy security assessments;
Manage and respond to security incidents and breaches;
Align vendors and suppliers to security and compliance standards.
In addition, using MyVCM Auditor Connect, Ostendio customers who intend to work with an auditor can enter audit requirements and request information from auditors with the MyVCM Auditor Connect marketplace. Auditors can contract directly with Ostendio customers within the platform, providing a more transparent and efficient process. This offers customers and auditors significant time and cost savings when completing a complex audit.
MyVCM Vendor Connect addresses vendor security by allowing customers to invite vendors to create and maintain online records of their security and compliance readiness via assessments. Responses link to supporting documentation that is easily accessed and kept up to date. MyVCM customers can designate assessments to vendors based on specific regulations, or tailor them to their specific requirements.
The Ostendio MyVCM platform currently handles over 100,000 user activities every month, and over the past 12 months has supported more than 1,250 security assessments.
Ostendio customers join the MyVCM Trust Network which connects organizations with their vendors to help them safely share security information. Ostendio aims to make the MyVCM Trust Network the default security and risk management community in North America.