Reading the Portfolio Assessment Report in the CM App Mehron The Portfolio Assessment report delivers visibility into aggregated risk, data breaches, and the security effectiveness of vendors. This report can be used to generate insights on the health of a large set of vendors, answering such questions as: Should my organization worry about the security risk that this set of vendors poses to my business? How many vendors are below a tolerable risk level? How many vendors is my organization collaborating with to reduce their cyber security risks? How many vendors improved their security risk profile? This can also be used to look into particular aspects of GDPR compliance for a set of vendors, particularly related to: Effectiveness of technical measures vendors have in place to avoid data breaches. Data breach notification. Safeguards related to data transfers to other jurisdictions. Territorial scope of data processing and storage. Reading This ReportHeaderThe Header section contains the name of the selected folder and the number of companies contained in the folder.Quarter to Date versus Previous QuarterThis section presents quarter-to-date metrics about the companies in your selected folder.Median RatingThe median rating of all companies in the selected folder. The upper value is the median rating on the day that the report was generated; the color indicates the current rating category. The lower value (gray) is the median rating registered at the end of the previous quarter. Vendors with Basic RatingsThe number of companies in the selected folder that had a rating in the Basic category at the end of the previous quarter. A red downward arrow indicates that there are currently more companies with Basic ratings in this folder than there were at the end of the last quarter. A green upward arrow indicates that there are currently fewer companies with Basic ratings in this folder than there were at the end of the last quarter. To learn more about our rating categories, see What is a Bitsight Security Rating?Vendors Collaborating to Improve Their RatingsThe number of companies you're currently collaborating with. A red downward arrow indicates that the current number of companies that are collaborating is lower than the number of companies in the last quarter. A green upward arrow indicates that the current number of companies is higher than the number of companies in the last quarter. Vendors with Improved RatingsThe number of companies in the folder that had an increase in their security rating during this quarter.Footprint and Security IncidentsThis section contains information about the EU vs Non-EU distribution of the vendors' IP address footprint and occurrences of security incidents over the past 12 months.FootprintThis section indicates: The number of IPs in this folder in EU and Non-EU jurisdictions The number of companies in this folder that have a footprint in one or both jurisdictions Security Incidents Analysis and Most Recent Security IncidentsThe Security Incidents Analysis section indicates the number of data breaches that occurred across the vendors in the selected folder in the last 4 quarters, including the current quarter to date.The Most Recent Security Incidents section lists the most recent security incidents at companies in the selected folder. If a breach occurred in a subsidiary of a company in the folder, the breach information will be shown in the list with an asterisk.Portfolio Risk Vectors Average GradesThis section provides a breakdown per risk vector of the aggregate performance of the vendors in the selected folder.For each risk vector, the average grade across all companies in the selected folder is shown. The number of companies below that average is shown beneath it. March 9, 2022: Updated screenshots. March 28, 2018: Published. Related articles Windows Extended Support and Extended Security Upgrades (ESU) Bitsight NIST CyberSecurity Framework Report Self-Attested Compliance Panel Marsh McLennan Study: Correlation Between Bitsight Analytics and Cybersecurity Incidents Organization: My Company List Feedback 0 comments Please sign in to leave a comment.