“Finally a Vendor Risk Management standard that benefits both our clients and us.”
Katrina Wilson
VP, Compliance Officer
“We’ve been able to gather more relevant information for vendors from Buckler Open VRM than others!”
How Open VRM Works
Simple Steps to Ease Vendor Risk Management
Patrick Parker
Chief Product Officer
“After manually filling out 6 different cybersecurity questionnaires this week for prospects’ vendor due diligence, more RIAs should use Buckler…
So much faster and no duplication.”
the trickle-down effect
The need for a standard in vendor risk management
As cybersecurity regulatory requirements and security risks increased, vendors are now highlighted as a critical third-party extension for private data management.
When regulations tightened for Financial Services firms, they also tightened for vendors as they must adhere to the same compliance standards as their clients.
VENDORS
SUPPLIERS
THIRD-PARTIES
CONTRACTORS
SERVICE PROVIDERS
J. Gaston Siri
CEO
“OpenVRM is pushing us towards better compliance, thank you.”
The Challenge
Vendors and Clients find themselves in a never-ending spending spiral. Clients struggle to send requests to vendors that struggle to manage them. The result is incomplete, or outdated, due diligence resulting in non-compliance.
Vendors & Clients
The Never-Ending Spending
Annual Re-Certification Costs
All Vendors, and some Clients, pay for certifications like SOC 3, SOC 2 Type 1, SOC 2 Type 2, SIG Lite, SIG Core, etc.
Annual Security Assessment Costs
Vendors and Clients pay for penetration testing and vulnerability scans of networks, applications, cloud, etc.
Annual Due Diligence Costs
Clients contact Vendors who sometimes must answer each Client individually. This unnecessary effort results in incomplete or outdated VRM.
Multiple VRM System Costs
Clients pay for a VRM system while Vendors often pay for multiple, depending on their Clients' requests.
Joe Lucking
Director of Operations
“Open VRM saves us answering 150 different Vendor Due Diligence Questionnaires per year.”
Vendors spend over 15,000 hours per year answering security assessments and companies spend $2.1 million annually, on average, vetting these answers.
A unique and free platform to allow Vendors and their Clients to better communicate and manage the due diligence process of vendor risk management.
The Power of Open VRM
Compliance-Driven Way to Identify & Manage Supplier Risks
Home Offices, Agencies, Branches & Advisors
Easily manage vendor cyber risk
Invite Third-Party Vendors to a secure platform where you can easily manage them all, gain vendor visibility and oversight and reduce third-party risk.
Compliance-driven vendor framework and industry-standardized questionnaire
Pre-filled publicly available information from more than 500 Vendors
Vendor visibility, status, and risk level with dashboard view
Select best-of-breed vendors and add your local vendors
Benefits
Gain vendor visibility and reduce third-party risk
Streamline vendor remediation with faster onboarding and offboarding
Gain time and productivity handling vendor management
Select best-of-breed vendors and add your local vendors
Luis Quiroz
Co-Founder & CTO
“We save resources by leveraging Open VRM to share our Due Diligence documents with Clients.”
About
Open VRM
Powered by Buckler
Open VRM (Vendor Risk Management) offers the Financial Services industry a new standard for vendor due diligence management. Unlike traditional VRM software, Open VRM provides vendors with a free, open environment to populate, manage and share a pre-vetted security questionnaire and compliance evidence documents in one private location. Clients of vendors access the Vendor Directory with confidence to request access to Vendor due diligence information. Created by Buckler with oversight from an Advisory Board that includes cybersecurity compliance experts, Open VRM drives faster collaboration between vendors and clients in an ever-growing cyber regulatory world.
An Innovative Fremium Model
Open VRM is Freemium offering from Buckler, a unique Cyber Program Management System for the Financial Services Industry.