COBRA

VENDOR RISK MANAGEMENT PLATFORM

An End-to-End service on a unique platform operated by security specialists to target your vendor risks

Balance local accountability for decision making with centralised oversight

Take action based on the results of advanced analytics and relevant reports

Drive efficiency in an otherwise labour intensive and complex risk process

Compare vendor data with intelligence from a variety of open sources

Implement a full Vendor Risk Management program 

It takes the heavy work off your hands, leaving you to manage risk at the strategic level based on the most up to date, relevant information available.

1

User Interface & Navigation

Full Profile management with dashboards for up to the minute view of risk status and programme implementation. 

  • Easy & Intuitive
  • Access & User Controls
  • Browser Accessible
  • Help functionality
  • Search Capabilities
  • Analytics & reports
  • Customer Branding

Easy Reporting of risk data as part of an organisation wide VRM program 

risks management project report
Risk Assessments dashboard
Vendor Risk Assessment Questionnaire

2

Comprehensive Assessment

Categorise vendors into risk tiers, including customisable capabilities to support detailed assessment of risks.

  • Vendor self-service to complete assessment
  • Configurable surveys and questionnaires
  • Intuitive questions automatically checked for quality of completion
  • Templates to support specific regulatory mandates

3

Independent Validation

Continuously monitored, automatic Open Source Intelligence driven independent verification of each vendor's risk landscape to qualify and inform the validity of the vendor's internal assessment and prioritise risks for visibility:

  • Configuration
  • Attack Surface
  • Data Leakage
  • Social Vulnerabilities
Open Source Risk Indicators
Vendor Risk Management project on Cobra
Risk Management Project

4

Workflows & Collaboration to assess, validate and monitor controls

Cross-organisation collaboration for automated decision making and escalation

  • Assess the effectiveness of controls
  • Workflow process management
  • Immediate visibility of anomalies
  • Vendor risk modelling
  • Tracking against historic risk changes
Vendor risk management inside a project
Project findings are defined outlining vulnerabilities that could be exploited. Those of concern can be raised as remediation requests with the supplier

5

Remediation and Exception Management 


Manage vendor risk exceptions in relation to ongoing control requirements:
  • Issue and exception logging
  • Remediation and clarification actions
  • Address approved and non-approved exceptions
  • Follow up process for re-evaluating exception conditions
The platform provides a single location for governance, with individual business functions able to approve, or 'Sign Off', the project with evidence, review dates and the ability to revoke
Project Risk Landscape
__CONFIG_group_edit__{}__CONFIG_group_edit__
__CONFIG_local_colors__{"colors":{"8b2fd":"Snuff","edb1a":"White Lilac","83d40":"Ship Cove","20090":"Scampi","4f35b":"Rose White","b98f0":"Turquoise","772bd":"Turquoise"},"gradients":{}}__CONFIG_local_colors__

Ready to get started?