Strengthen Visibility into Third-Party Risks and Compliance

The MetricStream Third-Party Management App enables a comprehensive process to identify, assess, mitigate, and monitor third-party risks, as well as to manage compliance. The app streamlines third-party information gathering, due diligence, onboarding, real-time monitoring, and risk and control assessments. It also helps in assigning tasks, and documenting interactions with third parties. Through the app, companies gain valuable intelligence on and visibility into third-party relationships for greater risk awareness and informed business decisions.

Download Datasheet

Enabling High Performers

Responsive and personalized interface designed for third-party managers and their suppliers or vendors

Highly configurable to meet specific third-party management program requirements

Mobile ready, enabling third-party management anywhere, anytime

Real-time third-party intelligence and insights for better decisions

Fast, lean, ready for the future


Information Management

View third-party profile information, including products or services provided, bank details, spend, ongoing assessments, contracts, country, issues, certifications, due diligence status, risk rating, and associated business units. Leverage the app’s intuitive portal to search for and find third parties based on multiple criteria. Allow identified third parties access to the system to submit, update, or upload relevant information.

Onboarding Due Diligence

Simplify requests for third-party engagement though a user-friendly portal. Automate the registering and onboarding of third parties across departments. Evaluate the risks of each third party or engagement, and sequence due diligence assessments, while also qualifying, segmenting, and ranking third parties.

Define the frequency of periodic assessments based on the third party’s risk profile. Enable risks to be mitigated before onboarding. In addition, integrate with alerts from reliable external sources to screen and verify third-party information.

Continuous Monitoring

Automatically validate third-party information, and identify “red flags” based on globally sourced content around Politically Exposed Persons (PEPs), sanction lists, Special Interest Persons (SIPs), state-owned enterprises, adverse media listings, and regulatory alerts. Subscribe to the alerts based on the criticality of third parties. Upon reviewing the alerts, provide a risk rating to third parties, and trigger risk assessments.

Periodic Risk and Compliance due diligence

Enable consistent and proportionate third-party risk and compliance assessments based on the type of third-party, engagement, compliance mandates, and risk levels (due to increased spend, criticality, or addition to a sanctions list).  

Simplify due diligence by leveraging pre-defined questionnaires to assess third-party risks around finance, compliance, legal, IT, anti-bribery, corruption, and business continuity areas. Trigger the assessments at pre-defined intervals, and automatically calculate risk scores based on the responses. Aggregate risk scores to determine the overall third-party risk posture.

Issue Tracking and Action Management

Record and resolve issues identified during onboarding, monitoring, or risk and compliance assessments. Systematically manage action plans with specific, time-bound tasks assigned to internal users and third parties. In the event of a third-party contract breach or expiration, as well as incidents of non-compliance or dissatisfaction, simplify third-party off-boarding with in-built workflows and checklists.

Reports and Analysis

Leverage powerful reports, analytics, and business intelligence capabilities to help management teams make informed decisions based on a sound understanding of third-party risks, compliance, and performance. Compare third-party assessment scores for each product or service type, and track how third parties are improving over time. Allow third parties to monitor their progress through graphical reports and dashboards.


  • Improve visibility into the third-party ecosystem through effective information consolidation and rationalization
  • Track third-party performance through summary reports on onboarding and due diligence
  • Reduce business risk exposure by adopting a consistent approach to third-party risk identification, mitigation, and on-boarding
  • Enhance third-party risk oversight by leveraging content from trusted global sources
  • Significantly reduce the time, effort, and costs involved in third-party assessments by auto-segmenting third parties, and adopting a structured assessment process
  • Simplify the search for and discovery of third parties. Raise requests easily for third-party engagements
  • Strengthen compliance with third-party governance standards and regulations, including OCC and FFIEC mandates, as well as FCPA, AML laws, and the UK Bribery Act

Request a demo Download RFP Template Pricing Contact