COBRA

VENDOR RISK MANAGEMENT PLATFORM

An End-to-End service on a unique platform operated by security specialists to target your vendor risks

Make stakeholders accountable 

Take action fast

Focus your resource 


1

User Interface & Navigation

Up to the minute view of risk status and programme implementation. 

  • Easy & Intuitive
  • Access & User Controls
  • Browser Accessible
  • Help functionality
  • Search Capabilities
  • Analytics & reports
  • Customer Branding

Easy Reporting of risk data as part of an organisation wide VRM program 

risks management project report
Risk Assessments dashboard
Vendor Risk Assessment Questionnaire

2

Comprehensive Assessment

Highly configurable to suit your needs:

  • Vendors self service onboarding and assessment 
  • Configurable surveys and questionnaires
  • Intuitive questions automatically checked for quality of completion
  • Templates to support specific regulatory mandates

3

Independent Validation

Continuous monitoring to verify vendor assessment and alert for indicators of change:

  • Configuration
  • Attack Surface
  • Data Leakage
  • Social Vulnerabilities
Open Source Risk Indicators
Vendor Risk Management project on Cobra
Risk Management Project

4

Workflows & Collaboration to assess, validate and monitor controls

Cross-organisation collaboration for automated decision making and escalation

  • Assess the effectiveness of controls
  • Workflow process management
  • Immediate visibility of anomalies
  • Vendor risk modelling
  • Tracking against historic risk changes
Vendor risk management inside a project
Project findings are defined outlining vulnerabilities that could be exploited.  Those of concern can be raised as remediation requests with the supplier

5

Remediation and Exception Management 


Manage vendor risk exceptions in relation to ongoing control requirements:
  • Issue and exception logging
  • Remediation and clarification actions
  • Address approved and non-approved exceptions
  • Follow up process for re-evaluating exception conditions
The platform provides a single location for governance, with individual business functions able to approve, or 'Sign Off', the project with evidence, review dates and the ability to revoke
Project Risk Landscape
__CONFIG_group_edit__{}__CONFIG_group_edit__
__CONFIG_local_colors__{"colors":{"8b2fd":"Snuff","edb1a":"White Lilac","83d40":"Ship Cove","20090":"Scampi","4f35b":"Rose White","b98f0":"Turquoise","772bd":"Turquoise"},"gradients":{}}__CONFIG_local_colors__