第三方事件响应服务演示

Speaker: Hello and welcome to this overview of the rapid response offering provided by prevalent. Speaker: The prevalent rapid response offering allows you to quickly and effectively assess the impact of set events against your vendor estate. Speaker: Within your platform, you’re able to bulk import entities or third parties that require rapid response assessments or create intake templates to allow the business to create entities that require rapid response reviews. Speaker: You’re able to leverage your existing entity tree by using categories. Speaker: to assess specific third parties. Speaker: This can be achieved by selecting the necessary entity and adding the events category. Speaker: Once this is done, you’re able to create a schedule that will target the specific event in question. Speaker: This could be achieved by creating a schedule and either using a flexible assessment which will provide the responders with a finite period of time in which to complete responses or by using a proactive assessment. Speaker: You’re able to select the relevant survey or assessment from the prevalent library. Speaker: and then send that content to an events risk register. Speaker: This means it will not impact any of your existing risk registers that exist in your environment. Speaker: If I select copy answers from previous surveys, this will pre-populate in the event I need to reassess in future. Speaker: These assessments have been pre-built to reflect either generic events or specific events known and common in the wild. Speaker: I can distribute the assessment to the entity category events. Speaker: This means every entity in my entity tree that has the events category tag would receive this proactive assessment to complete. Speaker: Within the schedule tab, I’m able to select the start date, which I’ll set as today. Speaker: I can also define how often the third parties or vendors have the ability to complete the assessment. Speaker: For example, here once they’ve submitted it, they’re able to recmplete the same assessment 3 days later. Speaker: For flexible assessments, I’m able to define how long they’ll have to actually complete the assessment and whether it reoccurs. Speaker: We’re able to customize the email templates that go out for proactive assessments within the email template section. Speaker: This is under submission and is under the proactive assessment templates. Speaker: If I choose, I can have any proactive assessments also CCD to a generic mailbox if I wish to review any bouncebacks or queries that come back from third parties. Speaker: The prevalent team is able to distribute and manage this process for you on your behalf where required. Speaker: This is managed through the prevalent risk operations center, otherwise known as the rock. Speaker: Once distributed, third parties will receive notifications and have the ability to log in and complete proactive assessment or a flexible assessment. Speaker: If it’s a proactive assessment, they can select the event type and the entity that they’re completing on behalf of. Speaker: This will be limited by their permissions. Speaker: The third party will have the ability to go through the assessment template. Speaker: And the question sets use question dependencies to tailor the subsequent questions based on their previous responses. Speaker: Much like an exam, they’ll be expected to complete all the necessary questions before finally submitting it. Speaker: Once it’s been submitted, the relevant results will go into the events risk register. Speaker: Within the events risk register, you’ll be able to see any issues based on the questions that have been sent to your third parties. Speaker: So here, for example, I can see that ATM inc was in fact impacted by this event and has no instant management or response plans. Speaker: The level of risk presented for each third party will reflect the questions they’ve answered. Speaker: Typically, the event assessments focus on whether confidentiality, integrity, or availability of services or content is impacted by the event. Speaker: Third parties will be prompted to provide context wherever necessary. Speaker: I’m able to use the event risk register to review third parties on mass and I’m also able to do this from the report section. Speaker: This is by going to live and filtering by the event risk register. Speaker: This will show me all third parties that have completed the assessment and issues have been identified against. Speaker: I’m able to manage individual responses by going into the third party and selecting the submission tab. Speaker: Within this I’ll be able to look at all the responses whether positive or negative and I can either manually create risks or create tasks where I have the appropriate assessment license to perform those actions. Speaker: The advantage of the rapid response offering is that it enables me to identify any additional third parties that may require further remediation. Speaker: I’m able to track completion of any assessment within the schedules tab. Speaker: In the submission section, I can see all the third parties that have been distributed the response assessment for the events in question. Speaker: I’m able to track their progression and where necessary identify those that have yet to respond. Speaker: This gives me a centralized view to understand the progress and level of visibility I have as to whether the event has impacted my third party estate. Speaker: The prevalent rock is able to manage this process for you by distributing the assessment and tracking completion and highlighting any non-complete responses back to your cells for further actions. Speaker: This workflow provides a quick and effective way to get information at scale against your third party estate whenever a new or emerging threat is identified. Speaker: If you require further information on rapid response capability. Speaker: Please feel free to reach out to us. Speaker: We’ll be happy to help.