An End-to-End service on a unique platform operated by security specialists to target your vendor risks

Make stakeholders accountable 

Take action fast

Focus your resource 


User Interface & Navigation

Up to the minute view of risk status and programme implementation. 

  • Easy & Intuitive
  • Access & User Controls
  • Browser Accessible
  • Help functionality
  • Search Capabilities
  • Analytics & reports
  • Customer Branding

Easy Reporting of risk data as part of an organisation wide VRM program 

risks management project report
Risk Assessments dashboard
Vendor Risk Assessment Questionnaire


Comprehensive Assessment

Highly configurable to suit your needs:

  • Vendors self service onboarding and assessment 
  • Configurable surveys and questionnaires
  • Intuitive questions automatically checked for quality of completion
  • Templates to support specific regulatory mandates


Independent Validation

Continuous monitoring to verify vendor assessment and alert for indicators of change:

  • Configuration
  • Attack Surface
  • Data Leakage
  • Social Vulnerabilities
Open Source Risk Indicators
Vendor Risk Management project on Cobra
Risk Management Project


Workflows & Collaboration to assess, validate and monitor controls

Cross-organisation collaboration for automated decision making and escalation

  • Assess the effectiveness of controls
  • Workflow process management
  • Immediate visibility of anomalies
  • Vendor risk modelling
  • Tracking against historic risk changes
Vendor risk management inside a project
Project findings are defined outlining vulnerabilities that could be exploited.  Those of concern can be raised as remediation requests with the supplier


Remediation and Exception Management 

Manage vendor risk exceptions in relation to ongoing control requirements:
  • Issue and exception logging
  • Remediation and clarification actions
  • Address approved and non-approved exceptions
  • Follow up process for re-evaluating exception conditions
The platform provides a single location for governance, with individual business functions able to approve, or 'Sign Off', the project with evidence, review dates and the ability to revoke
Project Risk Landscape
__CONFIG_local_colors__{"colors":{"8b2fd":"Snuff","edb1a":"White Lilac","83d40":"Ship Cove","20090":"Scampi","4f35b":"Rose White","b98f0":"Turquoise","772bd":"Turquoise"},"gradients":{}}__CONFIG_local_colors__