MetricStream Named a Leader in Third-Party Risk Management Platforms by Independent Research Firm

San Jose, March 6, 2024  - MetricStream, the global market leader in governance, risk, and compliance (GRC), announced today that it has been named a Leader in The Forrester Wave™: Third-Party Risk Management (TPRM) Platforms, Q1 2024. 

After identifying the 13 most significant providers, Forrester used a 24-criterion evaluation of third-party risk management (TPRM) platform providers to research, analyze, and score them. According to the report, MetricStream has oriented its strategy around cognitive innovation, offering robust features to support the third-party risk lifecycle. MetricStream’s TPRM product stands out for strong conformality and supports multiple risk-response strategies. 

MetricStream was recognized as a Leader, receiving the highest possible scores in the criteria of risk management lifecycle respond, TPRM lifecycle: offboarding and de-provisioning, configurability, partner ecosystem, adoption, community, supporting services, and offerings. 

“We believe being recognized as a leader in the Third-Party Risk Management by Forrester is a testament to our unwavering commitment to empowering organizations not only to manage but to embrace and thrive on risk for business growth,” said Gaurav Kapoor, Co-CEO and Co-Founder, of MetricStream. “Third parties are extremely critical to scale business performance and innovation, but recent incidents involving third parties and increasing number of regulations will require organizations to their current approach. Organizations are still relying on questionnaires, managing risks in siloes, and manually assessing third parties at pre-defined intervals. Our customers have realized significant value by hyper-automating their third-party risk management programs and integrating with broader risk, compliance programs with Connected GRC, aided by Cloud, Continuous, and Cognitive technologies.” 

MetricStream Third-Party Risk Management (TPRM), built on a low-code / no-code GRC platform, provides organizations with an integrated, real-time view of third-party and fourth-party risks across the enterprise and allows taking proactive steps to protect organizations from potential incidents. It automates the end-to-end processes of information gathering, onboarding, real-time monitoring, risk, compliance and control assessments, and risk mitigation. It also offers capabilities to understand the relationship between third-party, enterprise, operational, compliance, and IT & cyber risk, impact, effort, and investments required to mitigate them. Built-in pre-trained AI models help automatically review responses from third parties, identify potential risks, rate and rank risks, and recommend action plans to proactively mitigate them.