Enterprise customers have reaped the benefits of Framework Mapper for a couple of months and now the capability is available to third parties. With the ability to map our award-winning assessment back to industry frameworks, third parties can translate the completed assessment to other standards, allowing them to share assessments quicker and engage with more customers than ever before.
Third parties are inundated with requests for assessments and because of this, enterprises aren't getting the insights they need when they need them. The cost of this is immense. In fact, according to a recent report by Ponemon Institute, third parties spend over 15,000 hours completing cyber risk assessments each year, in which enterprises only take action on 8% of those assessments that they receive. With the addition of the Framework Mapper feature, third parties can now replace redundant assessments with the CyberGRX assessment by simply mapping the assessment back to relevant industry frameworks such as GDPR, CCPA, NIST 800/CSF, HIPAA, etc.—as their customers request.
“Completing custom assessments takes up a lot of third parties’ time and resources, and the reality is a majority of them aren’t even being used by enterprises and other third parties to make strategic, business decisions,” said Fred Kneip, CEO of CyberGRX. “The ability to map CyberGRX enriched data to other assessments and frameworks means that third parties can now move away from custom and redundant assessments, and spend more time mitigating risk. Thanks to our structured dataset, CyberGRX is the only VRM solution on the market that can provide this capability to both our customers and third parties.”
CyberGRX assessments apply a dynamic and comprehensive approach to risk assessment analysis, replacing outdated static spreadsheets as well as the need to repetitively complete or request assessments each year. With the CyberGRX Exchange, users can collect assessment data in a structured format that lets them run analytics and derive rapid and actionable insights. This standardized data approach also allows for standard input and custom output of the assessment data. Framework Mapper allows third parties to gain complete visibility and context of their third-party risk, so once they completes the assessment, they can then confidently share that same assessment with other customers and offer to map it to the industry standards of their choice.
Check out the Framework Mapper webinar to learn more