- Security TWENTY
- Women in Security
Business analytics has been added to the SureCloud Platform to help users in supply chain risk.
Auditing the supply chain for risk, or third party-supplier assurance as it is also known, is hard enough thanks to tight deadlines, but all too often the information collected from the supply chain is not used to its full potential, it is claimed by SureCloud, which offers Cloud-based IT Governance, Risk and Compliance (GRC) products. According to the firm, its new analytics capability lets users make better business decisions based on risk across suppliers.
The retailer Shop Direct Group is a recent adopter of the SureCloud Platform. Mike Marshall, Group Security Director at Shop Direct Group, said: “Our comprehensive third party compliance programme requires a robust compliance tool to help us demonstrate that our customer data is secure regardless of its physical location. SureCloud will make managing the due diligence process with our third parties much more straightforward, eliminate the need for e-mailing spread sheets backwards and forwards as we did in the past and have the versatility to support our future needs.”
Richard Hibbert, CEO of SureCloud, said: “Already our platform removes the need for our customers to operate spread-sheet based programmes and frees up highly skilled compliance and risk personnel from extensive administrative tasks. What’s really interesting for management is that by applying analytics to this whole area we can help them make more informed business decisions regarding third party risk – answering questions like: which are my worst performing suppliers?; do I want to continue to trade with them?; and which compliance requirements are all of my suppliers struggling to meet?”
Key features of the SureCloud Platform include:
· Ability to implement your own supplier questionnaires or leverage SureCloud’s template questionnaires including supplier risk calculations;
· Fine grained permissions to provide Form views based on Stakeholder Groups;
· Integrated Task Management to alert users to events such as compliance certificate expiry, or to allocate activity to internal or external stakeholders;
· Grouping structures to organise suppliers for example by industry or company size;
· Interfaces with common business intelligence tools such as Microsoft Office pivot tables for slicing & dicing data and creation of “what if” scenarios;
· Dashboards and reporting to provide real-time updates on progress;
· Analytics to identify patterns such as top or bottom performing suppliers;
· Coordination of Third Party Assurance with risk management.