• 80%*
    Reduction in third-party onboarding time
  • 50%*
    Reduction in the time and costs required to complete assessments, and identify risks
*Source: Customer responses and GRC Journey Business Value Calculator

Strengthen Visibility into Third-Party Risks and Compliance

The MetricStream Third-Party Management App enables a comprehensive process to identify, assess, mitigate, and monitor third-party risks, as well as to manage compliance. The app streamlines third-party information gathering, due diligence, onboarding, real-time monitoring, and risk and control assessments. It also helps in assigning tasks, and documenting interactions with third parties. Through the app, companies gain valuable intelligence and visibility into third-party relationships for greater risk awareness and informed business decisions. Companies can also leverage the app's “multi-dimensional organization structure” functionality to model third-party management programs based on their organizational hierarchies. The app is certified for conformance with global accessibility standards and best practices as defined by WCAG 2.1 Level AA and Section 508.

Download Datasheet Business Value Calculator

Enabling High Performers

Responsive and personalized interface designed for third-party managers and their suppliers or vendors

Highly configurable to meet specific third-party management program requirements

Mobile ready, enabling third-party management anywhere, anytime

Real-time third-party intelligence and insights for better decisions

Fast, lean, ready for the future


Information Management

View third-party profile information, including products or services provided, bank details, spend, ongoing assessments, contracts, country, issues, certifications, due diligence status, risk rating, and associated business units. Leverage the app’s intuitive portal to search for and find third parties based on multiple criteria. Allow identified third parties access to the system to submit, update, or upload relevant information.

Onboarding Due Diligence

Simplify requests for third-party engagement across departments through a user-friendly portal. Automate the evaluation of risks for each third party or engagement. Sequence due diligence assessments, while also qualifying, segmenting, and ranking third parties.

Define the frequency of periodic assessments based on the third party’s risk profile. Enable risks to be mitigated before onboarding. In addition, integrate with alerts from reliable external sources to screen and verify third-party information. Allow requesters or approvers to cancel a third party or request based on business needs.

Continuous Monitoring

Automatically validate third-party information, and identify “red flags” based on globally sourced content around Politically Exposed Persons (PEPs), sanction lists, Special Interest Persons (SIPs), state-owned enterprises, adverse media listings, and regulatory alerts. Subscribe to the alerts based on the criticality of third parties. Upon reviewing the alerts, provide a risk rating to third parties, and trigger risk assessments.

Periodic Risk and Compliance due diligence

Enable consistent and proportionate third-party risk and compliance assessments based on the type of third party, engagement, compliance mandates, and risk levels (due to increased spend, criticality, or addition to a sanctions list).  

Simplify due diligence by leveraging pre-defined questionnaires to assess third-party risks around finance, compliance, legal, IT, anti-bribery, corruption, and business continuity areas. Allow internal and third-party users to reassign or collaborate on assessments with other users in their organizations. When qualifying a third party, leverage their rating scores to schedule periodic due diligence assessments which can later be triggered automatically. Alternatively, enable ad-hoc assessments. Automatically calculate risk scores based on the responses. Aggregate risk scores to determine the overall third-party risk posture.

Issue Tracking and Action Management

Record and resolve issues identified during onboarding, monitoring, or risk and compliance assessments. Systematically manage action plans with specific, time-bound tasks assigned to internal users and third parties. In the event of a third-party contract breach or expiration, as well as incidents of non-compliance or dissatisfaction, simplify third-party off-boarding with in-built workflows and checklists.

Reports and Analysis

Leverage powerful reports, analytics, and business intelligence capabilities to help management teams make informed decisions based on a sound understanding of third-party risks, compliance, and performance. Compare third-party assessment scores for each product or service type, and track how third parties are improving over time. Allow third parties to monitor their progress through graphical reports and dashboards.

Delivering Business Value

  • Prevent third-party risk incidents, and enable continuity of operations through quick risk assessments
  • Improve third-party risk visibility with quick, frequent risk assessments
  • Enhance third-party consolidation, rationalization, and visibility across businesses, spend, and risk exposure
  • Improve business and market agility by reducing the time taken for third-party onboarding and accreditation
  • Control third-party risk exposure, and accelerate responses to risk events with risk alerts from multiple data feeds
  • Build confidence in sourcing and negotiation decisions by leveraging historical data on third-party risks and performance, as well as the time taken to close issues

Request a demo Download RFP Template Pricing Contact