• 80%*
    Reduction in third-party onboarding time
  • 50%*
    Reduction in the time and costs required to complete assessments, and identify risks
*Source: Customer responses and GRC Journey Business Value Calculator

Strengthen Visibility into Third-Party Risks and Compliance

The MetricStream Third-Party Management App enables a comprehensive process to identify, assess, mitigate, and monitor third-party risks, as well as manage compliance, track performance, conduct audit, and manage issues. The app streamlines third-party information gathering, due diligence, onboarding, real-time monitoring, risk, compliance and control assessments. It also helps in assigning tasks, and documenting interactions with third parties. Through the app, companies gain valuable intelligence and visibility into third-party relationships for greater risk awareness and informed business decisions. Companies can also leverage the app's “multi-dimensional organization structure” functionality to model third-party management programs based on their organizational hierarchies. The app is certified for conformance with global accessibility standards and best practices as defined by WCAG 2.1 Level AA and Section 508.

Download Datasheet Business Value Calculator

Enabling High Performers

Responsive and personalized interface designed for third-party managers and their suppliers or vendors

Highly configurable to meet specific third-party management program requirements

Mobile ready, enabling third-party management anywhere, anytime

Real-time third-party intelligence and insights for better decisions

Fast, lean, ready for the future


Information Management

View third-party profile information, including products or services provided, bank details, spend, ongoing assessments, contracts, country, issues, certifications, due diligence status, risk rating, and associated business units. Leverage the app’s intuitive portal to search for and find third parties based on multiple criteria. Allow identified third parties access to the system to submit, update, or upload relevant information. Enable business users as well as third party users to leverage AI/ML rich features to search for third party policies, and capture observations

Onboarding Due Diligence

Simplify third-party intake across departments through a user-friendly portal. Automate the evaluation of risks for each third party or engagement. Sequence due diligence assessments, while also segmenting, rating and qualifying, third parties.

Define the frequency of periodic assessments based on the third party’s risk profile. Enable risks to be mitigated before onboarding. In addition, integrate with alerts from reliable external sources to screen and verify third-party information. Allow requesters or approvers to cancel a third party or request based on business needs.

Continuous Monitoring

Automatically validate third-party information and identify “red flags” based on globally sourced content around reputation, sustainability, threat intelligence, cybersecurity rating, Country Corruption Index, financial standing, Politically Exposed Persons (PEPs), sanction lists, Special Interest Persons (SIPs), state-owned enterprises, adverse media listings, and regulatory alerts. Subscribe to the alerts based on the criticality of third parties. Upon reviewing the alerts, provide a risk rating to third parties, and trigger risk assessments. Automatically create the issue based on breach of pre-defined thresholds.   Quantify third party risk by integrating with market standards, which improve insight on third-party’s cyber risk posture.

Periodic Risk and Compliance due diligence

Enable consistent and proportionate third-party risk and compliance assessments based on the type of third party, engagement, compliance mandates, and risk levels (i.e. reputation risk, information security risk, financial risk, strategic risk, business continuity risk).

Simplify due diligence by leveraging pre-defined questionnaires to assess third-party risks around finance, sustainability, compliance, legal, IT, anti-bribery, corruption, and business continuity areas. Allow internal and third-party users to reassign or collaborate on assessments with other users in their organizations. When qualifying a third party, leverage their rating scores to schedule periodic due diligence assessments which can later be triggered automatically. Alternatively, enable ad-hoc assessments based on risk intelligence from external sources, incidents, performance failures, or business insights. Automatically calculate risk scores based on the responses. Aggregate risk scores to determine the overall third-party risk posture.

Performance Management

Assess and track each third party’s key performance indicator (KPI) scores (e.g. cost, delivery, service, quality) leveraging assessments. Enrich internal scores with risk data from various internal systems, data base, content providers, and results of audits, assessments, and inspections. Leverage scorecards to monitor performance and proactively identify potential failures. Benchmark third party performance, view trends, and identify preferred third parties. Enable third parties to monitor their own status and performance through specific reports and dashboards.

Business Continuity

Provide a structured approach to capture and track the business impact analysis and business continuity plans of the third parties in conjunction with the internal ones. Source information on potential and actual hazards due to geophysical events through integration with content providers. Proactively warn third parties and stakeholders of potential or actual hazards/incidents.  Trigger business continuity plans based on impact assets and processes. Enable quick response to emergencies and critical events with  notifications and alerts. Collaborate with third parties to implement BCM plans. Leverage MetricStream COVID-19 solution to plan, act, and adapt to ever-widening pandemic repercussions on a near-real time basis.

Audit Management

Conduct risk based onsite audits or detailed online audit assessments of third parties. Streamline audit process including  information gathering, planning and scheduling, field work, reporting, and issue remediation. Design or modify checklists to evaluate third parties based on multiple parameters.

Issue Tracking and Action Management

Record and resolve issues identified during onboarding, monitoring, or risk and compliance assessments. Systematically manage action plans for risk mitigation with specific, time-bound tasks assigned to internal users and third parties. Enable internal and third party users to flag observations on potential risks, report anomalies, deviations etc. via simplified forms, chatbots/conversational interfaces. Leverage the NLP based Chatbot to view status updates and follow-up actions. Enhance risk mitigation with AI-Powered issue analytics to identify similar issues, findings and gaps. Automate creation, management and monitoring of actions for each of these issues and findings. In the event of a third-party contract breach or expiration, as well as incidents of non-compliance or dissatisfaction, simplify third-party off-boarding with in-built workflows and checklists.

Reports and Analysis

Leverage powerful reports, analytics, and business intelligence capabilities to help management teams make informed decisions based on a sound understanding of third-party risks, compliance, and performance. Compare third-party assessment scores for each product or service type and track how third parties are improving over time. Allow third parties to monitor their progress through graphical reports and dashboards.

Delivering Business Value

  • Prevent third-party risk incidents, and enable continuity of operations through quick risk assessments
  • Improve third-party risk visibility with quick, frequent risk assessments
  • Enhance third-party consolidation, rationalization, and visibility across businesses, spend, and risk exposure
  • Improve business and market agility by reducing the time taken for third-party onboarding and accreditation
  • Control third-party risk exposure, and accelerate responses to risk events with risk alerts from multiple data feeds
  • Build confidence in sourcing and negotiation decisions by leveraging historical data on third-party risks and performance, as well as the time taken to close issues
  • Leverage AI/ML and analytics to improve efficiency, insight quality, and the risk mitigation process

Request a demo Download RFP Template Pricing Contact