HITRUST, the leader in information risk management, security, and compliance assurances, has officially announced the launch of several enhancements for its comprehensive third-party risk management (TPRM) solution, HITRUST Assessment XChange.
According to certain reports, these enhancements are all designed to overcome legacy challenges and make TPRM practical and effective for organizations across all industries.
Beyond that, the company has also unveiled integrations with leading TPRM solution platforms to address the current “last mile” challenge of capturing and consuming detail assurance information and performing population risk analysis.
The new enhancements, alongside integration with leading TPRM platforms, operationalize the broad assurance portfolio to ensure more effective and efficient risk management of vendors and partners. This they do through pre-built, streamlined workflows enabling end-to-end third-party risk, right from initial evaluation, to vendor engagement. Furthermore, the given equation also banks upon assignments and completion of assurances to conceive ingestion and analysis. All in all, the new technological setup makes it possible for TPRM programs to significantly improve their information security risk capabilities, while simultaneously reducing time, costs, and complexity.
Talk about the features HITRUST’s proprietary solution will be able to offer moving forward, the assortment begins from a comprehensive framework with threat-adaptive controls. You see, HITRUST’s continuously updated framework can seamlessly adapt to current and emerging cyber threats, thus eliminating the need for custom questionnaires and ensuring the controls maintain relevance to emerging cyber threats.
Next up, it will offer multiple assessment options that are understood to cover third party suppliers with different levels of inherent risk. These assessment options are also delivered through a portfolio of low, medium, and high-assurance levels for information security. Complimenting the same would be a recent introduction of AI assessments.
“Existing approaches to third-party risk management, such as relying on spreadsheets or limited control sets or assurance assessments, have proven insufficient to manage risk. HITRUST now delivers a complete solution that includes a broad portfolio of assessment options that maintain control relevance coupled with a proven effective assurance model to effectively address third party information risk,” said Erika Del Giudice, IT Assurance Services principal at Crowe LLP. “With the addition of its ServiceNow and other integrations, HITRUST now offers a complete solution that is not only powerful but also practical for organizations to employ”.
HITRUST’s solution can be further expected to streamline results delivery, as it can electronically receive validated assessment results, and therefore, enable faster, more efficient consumption, and risk analysis. The platform puts that next to real time updates of status, progress and remediation activities through seamless integration with the HITRUST Results Distribution System.
Moving on to HITRUST’s facility of end-to-end security risk management, it leverages HITRUST Assessment XChange and key TPRM solutions to help organizations gain access to comprehensive management of the vendor information risk process. Apart from that, the solution supports functions, such as guided setup and configuration, assignment of appropriate assessments, digital receipt of summary and detailed assessment results, regular renewals and re-assessments based on vendor changes, management reporting, and detailed third-party population analysis at the control specification level. In case that wasn’t quite enough, then it must be mentioned how the solution is even well-equipped to manage the stated processes across vast vendor populations, something which can help the technology ensure appropriate rigor and assurance at every step.
Rounding things up is a collection of staff augmentation capabilities. This translates to the fact that managed and integrated services are available from HITRUST Assessment XChange to support vendor engagement, outreach, education, and assessment.
HITRUST also took the opportunity in question to confirm the first planned integration of HITRUST Assessment XChange with ServiceNow’s Third-party Risk Management (TPRM) solution. The idea behind doing so is to let customers harness the power of the ServiceNow platform, and at the same time, capitalize upon full benefits of HITRUST’s comprehensive information security and risk management capabilities.