Optiv Security Announces Next Generation of   Third-Party Risk Management Platform Evantix 

Evantix 5.0 Helps Organizations Better Scale Third-Party Risk Management Programs, Improve Visibility Into Risk Assessment Lifecycle and Track Remediation Issues

Denver – November 30, 2016 - Optiv Security, a market-leading provider of end-to-end cyber security solutions, today announced the availability of Evantix 5.0, a major update of its proven Software-as-a-Service-based third-party risk management platform. 

Optiv Evantix 5.0 is a fully integrated platform that helps organizations identify and manage inherent and residual risk associated with their third parties. The platform was built to allow organizations to more effectively and efficiently scale third-party risk management programs; monitor the risk assessment lifecycle of vendors, suppliers and business associates; and open and track remediation issues associated with those third parties. As a result, Evantix 5.0 helps organizations reduce costs and improve efficiencies associated with managing third-party risk.

“Enterprises rely heavily on their third parties to be successful, but managing risk associated with those external entities can be complicated and costly to businesses,” said James Christiansen, vice president of information risk management for Optiv. “Optiv’s Evantix platform expertly identifies and measures third-party risk by assessing relationship risk, business profile risk and control risk. The platform’s newest generation enables companies to shift the most time-consuming, costly and repetitive risk assessment activities back to suppliers, freeing organizations to focus on remediation, mitigation activities and other strategic initiatives.” 

Optiv Evantix 5.0 was designed to help third-party risk management teams better manage their third-party portfolio across multiple companies, departments and users through consistent policies and processes. The platform’s key features include:

• A Customizable Dashboard – The platform offers a rich HTML interface, dynamic information tailored to meet user needs and a completely customizable dashboard that allows individuals to select the appropriate graphs and terminology that aligns with their business. These features combined with enhanced reporting capabilities offer organizations an intuitive and easy-to-use platform that enables quick decision-making related to third-party risk issues.  
• Portfolio Management – Evantix can help organizations manage hundreds, to hundreds of thousands of third parties that interact with the company, providing the ability to quickly scale programs as needed. The platform helps inventory third-party relationships into a risk register allowing users to easily navigate and manage by applying filters and tags. Batch-upload functionality helps users easily upload thousands of vendors, suppliers or business associates into the platform so organizations can start the assessment process quickly.
• Assessment Management – This feature provides an “at-a-glance” view of in-progress and completed third-party risk assessments. Within Evantix, users simply categorize and launch assessment activity directly to the third party for completion and tracking. Organizations can access a collection of control models and choose a framework from industry standards such as National Institute of Standards and Technology (NIST), International Organization for Standards (ISO) and Shared Assessments. Delegation and auto account provisioning functionality for third-party and fourth-party contacts limits time spent creating accounts or the risks posed by sharing accounts.
• Validation Management – A fully integrated validation capability within the Evantix platform and workflow enables organizations to delegate multiple qualified individuals to validate third parties’ responses to risk assessment questionnaires completed via the platform’s online portal. Alternatively, if a client lacks resources to manage the validation process or prefers to outsource that capability to focus on more strategic efforts, Optiv provides comprehensive integrated services tailored to industry standards. 
• Remediation Management – After completing validation activities, organizations can use the Evantix platform to help identify issues with third parties and build a remediation plan. Within the platform, clients can create and assign issues requiring remediation, communicate directly with third-party associates to negotiate remediation tactics and track progress to completion through Evantix’s automated logging platform. 
• Renewal Management – To address challenges with managing the lifecycle of a third-party risk management program, Evantix allows for scheduled or on-demand risk assessment renewal alerts. This reduces the burden on the organization to track necessary assessment renewal timelines for up to hundreds of thousands of third parties, and offers those third parties the ability to provide updates rather than complete the entire assessment from scratch.

Optiv’s suite of third-party risk management solutions help organizations effectively plan, develop and manage third-party risk programs. Optiv’s comprehensive solutions enable organizations to operationalize their third-party risk approach no matter the maturity of their program and regardless of where the responsibility falls within the organization. These capabilities also help manage to the regulatory requirements and compliance standards relevant to the client’s industry.