Ostendio MyVCM

Additional Info

Company size (employees)10 to 49
Type of solutionCloud/SaaS


Ostendio MyVCM™ is an innovative, industry-leading Integrated Risk Management Platform that makes it easier to build, operate, and showcase an organization’s security program. Businesses of any size or industry that need to demonstrate compliance to security standards internally and externally can benefit from Ostendio MyVCM. The platform provides a single solution that incorporates users and requirements from across the enterprise. It gives access to over 150 standards, regulations, and frameworks including SOC 2, FedRAMP, HITRUST, and HIPAA.

The MyVCM CrossWalk feature reduces time spent on compliance work for customers and auditors. MyVCM customers can use documentation already collected for one standard and CrossWalk it to other standards. For example, if you have completed a SOC2 assessment you can then run a simple gap analysis against PCI DSS and automatically map all related evidence.

Ostendio MyVCM helps companies:
Identify and quantify enterprise risk;
Quickly build and deploy security assessments;
Manage and respond to security incidents and breaches;
Align vendors and suppliers to security and compliance standards.

Ostendio customers who intend to work with an auditor can streamline the process using MyVCM Auditor Connect where they enter audit requirements and request information from auditors with the MyVCM Auditor Connect marketplace. Auditors can contract directly with Ostendio customers within the platform, providing a more transparent and efficient process. This offers customers and auditors significant time and cost savings when completing a complex audit.

MyVCM Vendor Connect addresses vendor security and compliance by allowing customers to invite vendors to create and maintain online records of their security and compliance readiness via assessments.

How we are different

Ostendio MyVCM should be named Compliance Solution of the Year and is different from the competition because:

1. It has a deeper reach - the platform is rolled out to and used by every employee, contractor, and support personnel, not just the security team. Currently, there are thousands of users of the MyVCM platform completing and in 2021 they created over 1,250 new security assessments to which they added over 17,500 pieces of evidence.

2. It has a broader reach - Ostendio MyVCM customers automatically become part of the MyVCM Trust Network which allows them to connect with any other MyVCM Customer to send and receive security information. Customers of different sizes and from multiple industries use MyVCM for their compliance requirements.

3. It is more comprehensive - MyVCM supports every aspect of an organization's cyber security and compliance program, from policies to asset management, risk management, training, incident management, and more. Essentially the platform can be used to build, operate and showcase every aspect of an organization's security, compliance, and risk management program across more than 150 industry frameworks.

In addition to those benefits, Ostendio also offers a team of Professional Services experts ready to help customers as they implement their security programs. Customers engage the Professional Services team to supplement an organization’s compliance team during the initial set-up of a security program or for some expert assistance when preparing for a complex audit.