- November 18, 2021: Added navigation instructions.
- November 18, 2020: The new TPRM experience.
The Action Plan panel automatically groups third parties into actionable phases based on criticality (defined by tier) and security risk (rating category). It also provides a risk summary based on the company’s life cycle stage.
To see action plans, ensure the company that you are monitoring has been tiered and then view the panel in the company’s Vendor Overview page.
| Plan | Description |
|---|---|
| Monitor | Companies in the monitor phase have a good security posture and can be continuously monitored and evaluated more thoroughly depending on available resources. No immediate action is needed. |
| Review | Companies that are starting to either fall behind in addressing security issues or are still in the process of implementing plans for issue response and remediation. Investigating their security posture is recommended to gain a deeper understanding of their developments and help determine if any action or follow up is necessary. |
| Escalate | Critical companies. Enabling access to the Bitsight platform is recommended to prompt the investigation and remediation of issues that have been identified. Refer to the Enable Access program. |