Our Vendor Risk Management Service

You may have a solid compliance environment within your company but what about the third parties that you transfer personal data to?

Your third party contacts are your likely biggest GDPR compliance risk 

These could be marketing agencies, design agencies, payroll, or even recruitment delivery services to your clients.

Tacita’s assessments of companies has seen Assurance Scores of between 22% and 91%, with a median score of 55% . This demonstrates that the majority of companies (and likely your third parties) have compliance issues.

Using our low-cost, time-effective Third Party Assessment Service within two weeks you can have a complete picture of the compliance of the third parties that process personal data on your behalf.

 Minimum Business Disruption

Our VRM service is a time-effective and automated process, achieving maximum results at the minimum disruption to your business. 

Proof of due-diligence

A VRM assessment will provide the necessary due-diligence for the third parties that you employ.

Clarity of risk

The report generated will paint a clear picture of the risks that your organisation faces from your third parties. 

Don't leave it to chance - find out your Third Party Risk TODAY

Our Service

Our cost-effective and automated process uses a subset of our overall business assessment and asks the key questions that will ensure an accurate picture of the GDPR compliance of your third parties.

It is hassle-free, risk-focused and generates a Tacita-checked report that will be provided to your organization.

The benefits of our process are the following;   

  1. Low cost
  2. Minimal disruption to you and your third parties
  3. Swift. Report produced within 2 weeks
  4. It provides proof of your due diligence
  5. Ensures effective management of your ‘Personal Data Supply Chain’
  6. We can include Sub-Processors 

Following the assessment, Tacita will provide your organization with a dashboard summary of your third party risks.

Our Dashboard

Tacita will compile the information collected from your third parties during the assessment and create a dashboard summary of your third party risks.

Depending on the answers provided in the assessment, each third party will be assigned a risk score. These individual scores are then collated to create an overall risk score for your business. 

In this way the Tacita Dashboard provides both a complete overview and granular breakdown of your business' third party risk environment.

VRM dashboard

Vendor Risk Management Dashboard

Post-Assessment Support

We know you wouldn’t want to delist a third party unless absolutely necessary.

Our services can help your third parties achieve GDPR compliance at the lowest possible cost and least disruption.

Our portfolio of DIY remediation services can help your third parties reach compliance as swiftly as possible and eliminate the risks that they pose to your organization.

Each identified  issue will be provided with a remedial action, so that the third party can act immediately on that issue.

Project Schedule of Remedial Actions

When your the third parties have actions, we will identify the following elements:

  1. Action priority
  2. Which roles should undertake these
  3. Work effort to complete these actions 
  4. Likely duration of each action

Our Project Schedule will act as a project plan that can be immediately used by the third party. 

We provide a curated activity plan that can take a non GDPR expert within the third party step-by-step through the execution of any actions.

Think IKEA, you do not have to be a carpenter to build a cabinet.  It’s the same with our solutions.

Follow the steps and the issue will be resolved efficiently and swiftly with least business disruption.

To learn more about Tacita's services, contact us below to arrange an informal meeting.

Send us a message

Telephone: +44 20 4526 5699
Email: contact@tacita.io

To see how we use your data, see our Privacy Notice.