Case Study: One of Chicago’s Largest Regional Hospitals builds a TPRM Program

Published by Sabrina Pagnotta on October 6, 2020

The choice

ThirdPartyTrust was the selected tool because of its ease of use and flexibility to adapt to their business goals. What’s more, they benefited from the bundle partnership with GuidePoint Security, and had an expert on site to assist with setting up the tool, starting, and further maturing the program.

“ThirdPartyTrust has been really instrumental in the initial project: putting together the program, helping us to assemble a steering committee, deciding what our procedures would be, actually conducting the assessments of the third-parties using the tool… We’ve had a lot of assistance from ThirdPartyTrust and GuidePoint Security in putting our TPRM program together”.

Those custom sessions (both at the beginning of the project and once they’d been operational for a while), were really helpful in communicating to the Senior Management and the Board the steps taken, the overall risk landscape, and steps to take in the next 1, 2 or 5 years.

The improvements on day-to-day operation

“Before we were using the ThirdPartyTrust platform, our process for assessing third-parties was very manual. We were looking for architecture diagrams and asking questions to them in a non-structured way”, described a team member.

After implementing the tool, they were able to customize the risk assessment procedure, print detailed reports, drill down to specific issues like application security, look for specific certifications, and all sorts of insights that have streamlined their process.

“The tool made it a lot easier to communicate both to the business team that’s using the third-party and the third party themselves. If we have specific documentation or security artifacts that we’re looking for and not getting, we can point to it in the tool as opposed to just verbally or via email”, they added.

Learn More About ThirdPartyTrust

Features and usability

The first thing that came to mind for the team was the clear dashboard and how easy it is to understand, at a glance, the overall health of the third-party and third-party ecosystem. She also highlighted the “Connections” tab, the way that it’s organized, and how easy it is to navigate, in order to see the lifecycle status, how many high-impact third-parties there are, and so much more.

“Being able to look at the scores as a grid has made it very easy to report within the organization who has a good security posture versus who doesn’t, and where we need to work on remediation. The visual of it is very easy to understand for people who are outside of our process and just need quick answers on a particular third-party”.

Why ThirdPartyTrust?

“In addition to being a great tool, ThirdPartyTrust has got great people behind it. They’re very supportive of our program and help us think through things differently. They have been really instrumental in educating us, they’ve been hand-holding and supporting us the whole way, which has been phenomenal.”

The team is now better able to organize themselves, set attainable goals, and meet those goals, thanks to both the power of the ThirdPartyTrust platform and the expertise of GuidePoint Security.

“A lot of vendors will give you a tool and give you support on the tool, but really supporting our program is something that I think has been pretty unique to ThirdPartyTrust in particular”, concluded a team member.

To learn more about how ThirdPartyTrust can help you streamline your TPRM program, request your free trial now:

Trial Account Sign-Up

Sabrina Pagnotta

Sr. Content Strategist

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.