- December 20, 2023: Risk Analytics.
- October 4, 2023: Vendor Risk: Overview
- July 27, 2023: “TPRM” renamed to “Continuous Monitoring”; Design update.
The Continuous Monitoring application is optimized for third party risk management (TPRM) workflows. It provides an overview of your portfolio and in-depth analysis tools that gives your organization deeper insights to its portfolio quality across industries, folders, tiers, and rating categories.
- The Context Switcher dropdown, located in the top actions bar, allows you to select from one of your subscribed companies or your most recently viewed companies. The data on the functional pages is synced to the selected company.
Prioritize your third-party remediation strategy for a particular company.
|The Portfolio Dashboard surfaces the most important information regarding your portfolio and serves as the launching pad for third-party risk management workflows and to other parts of the Bitsight platform.
|Connects risk data into risk insights through the Marsh McLennan likelihood of breach and the Bitsight, “Bitsight Security Ratings Correlate to Ransomware” studies.
|Risk Program Setup
|Set up Bitsight to create a clear picture of cyber risk aligned to your organization’s risk tolerance.
|Ease your workload with automated and customized notifications. Set up and manage alert settings to best meet the needs of your risk tolerance for when to be notified on changes in risk.
|Folders can be used to organize your portfolio to better understand the security performance of certain groups of companies, such as IT vendors and companies in your organization. Folder Management is where you set up and manage your folders.
|Tiering is one of the first steps in the TPRM process and it sets the stage for everything that follows. Tiers are used in the Portfolio Risk Matrix to prioritize companies in your portfolio based on their criticality to your organization and their security risk. Tier Settings is where you set up and manage your tiers. NOTE: This page is only available for Admins, Group Admins, and Portfolio Managers.
|Provides views specific to the overall portfolio of companies that you are monitoring in Bitsight.
|Provides an overview of your subscribed companies.
|Allows you to select individual companies to compare ratings with companies in your portfolio and see their progress over time.
|View companies that you were previously subscribed to and monitoring in Bitsight.
|Provides views specific to an individual company that you are monitoring within Bitsight.
|The selected company’s security rating overview and company information.
|A depiction of the selected organization’s company hierarchy within the Bitsight platform.
|Quickly identify red flags for cyber risk with objective data aligned to standard and custom questionnaires.
|A breakdown of the selected company’s risk, drilling into the individual risk vectors.
|The culmination of observed internet traffic and configurations, providing a single place to sort, filter, analyze, comment on, track remediation efforts, and export findings.
|Hostnames/domains and IP addresses that are attributed to the selected company.
|Prioritize your third-party remediation strategy for the selected company.
|Externally-facing IP addresses and CIDR blocks that are attributed to the selected company.
|4th Party Risk
|Manage your fourth parties by identifying the areas of concentrated cyber risk. Automatically pinpoint connections between any organization, its business partners, and potentially risky fourth parties, and then determine if the relationship fits into your business and information security strategy.
|Get an overview of your fourth party ecosystem.
|View products provided by service providers across your fourth party ecosystem.
|Determine which fourth party company to subscribe to or view the companies that are dependent on a particular service provider or product.
|Access and manage vulnerabilities and exposures - including major security events - to find and remediate threats more quickly within their vendor portfolio.
|Track vendor outreach requests made by you or your colleagues and see where your vendor or clients are in the collaboration process.
|Alerts allow you to take immediate action on ratings changes, infections, or vulnerabilities impacting companies in your portfolio.
|Set up alerts for your Total Risk Monitoring or Risk Monitoring portfolio.
|4th Party Alerts
|Set up alerts for your fourth party portfolio.
|Reporting on the data of companies in your portfolio, which can be used to discuss critical third party risks and also help drive business decisions with senior executives and an organization’s Board of Directors. Reports ease the burden of having to manually gather aggregate cyber security risk data and it translates complex security topics into actionable business metrics.