TraceSecurity Simplifies Vendor Risk Management with Latest Release of TraceCSO

BATON ROUGE, La., April 9, 2015 (GLOBE NEWSWIRE) -- TraceSecurity, a pioneer in cloud-based IT Governance, Risk and Compliance (GRC) management solutions, today announced enhancements to its vendor management capabilities within cloud-based software solution, TraceCSO, that allow users to assess and mitigate third-party risk to protect against some of today's most publicized cyber-attacks, such as Target and JPMorgan Chase. As organizations continue to evolve from traditional brick and mortar to much more modern enterprises that include third-party relationships, they must account for and mitigate the IT security risk that is introduced.

Build better risk profiles of your vendors, suppliers and other third parties, states "Predictions 2015: The Governance, Risk and Compliance Market is ready for Disruption" report published by Forrester Research, Inc., November 12, 2014. The report continues to say that whether these entities are trusted partners or independent suppliers, your third parties are a rapidly growing source of risk for your firm, exposing you to reputational damage, legal liability, and operational risks. Internal risk assessments will only go so far today, especially because many of your third parties likely operate in far-off, remote locations where it can be difficult to determine their legitimacy. Monitoring vendors will provide a helpful complement to your in-house vendor risk management functions.

TraceCSO customers now have access to new vendor risk management features and best practice workflow. Tracesecurity development engineers focused to deliver enhancements that enable organizations to assess many disparate vendors in these four easy steps:

  1. Import vendor information and contacts into TraceCSO
  2. Conduct an internal triage of vendors via criticality questionnaires
  3. Distribute vendor questionnaires that help determine risk ranking and streamline the collection of due diligence documentation
  4. Review results and rank vendors based on their criticality, risk rating and due diligence documentation

"Integrating vendors into business operations allows companies to gain efficiencies and improve strategic flexibility. In doing so, they also alter their risk profile and must account for vendor risk within their security and compliance program," said Peter Stewart, TraceSecurity CEO and president. "The goal of TraceCSO's new features is to take the risk out of vendor management. We work each day to simplify information security management so organizations can effectively arm themselves against today's evolving cyber attacks."

Accurate, meaningful and timely analysis of vendor risk is an overwhelming challenge for many organizations. TraceSecurity will present a complimentary and educational webinar, "Vendor Risk Management: Better Manage IT Security Risks from Third Parties," Thursday, Apr. 16th at 1pm CST. Join TraceSecurity to learn how you can have command over your extended enterprise. This webinar will explore some of today's most publicized data breaches resulting from third-party suppliers and discuss how you can effectively mitigate some of today's greatest cybersecurity risks. Register for the webinar.

To learn more today:

Vendor management is a single functional area within the full suite of TraceCSO's information security and compliance capabilities. TraceCSO is the industry's first cloud solution for organization's to build and manage a holistic and risk-based information security program that delivers comprehensive visibility and accountability for improved risk and compliance profiles across an organization. Customers can tap into a single TraceCSO function or leverage the full suite to integrate their IT and vendor risk assessments, policies creation and management, audit preparation, employee training, incident response management, vulnerability management and compliance tracking and reporting activities.

TraceSecurity was recently named number 73 in the Cybersecurity 500, a directory of the 500 hottest and most innovative cybersecurity companies to watch in 2015.

About TraceSecurity

TraceSecurity, a leading pioneer in cloud-based security solutions, provides IT Governance, Risk and Compliance (GRC) management solutions. The company's cloud-based services help organizations achieve, maintain and demonstrate security compliance while significantly improving their security posture. Having served more than 2,000 customers, TraceSecurity supports the security and risk management efforts of organizations in financial services, healthcare, high-tech, insurance, government, education and other regulated sectors. Founded in 2004, the company has executive offices in Silicon Valley and offices in Baton Rouge, La. For more information, call (225) 612-2121 or visit

© 2015 TraceSecurity. TraceSecurity and TraceCSO are registered trademark of TraceSecurity. Rights reserved worldwide.

CONTACT: Ashley Swanson, VP of Marketing (225) 361-2475

Source:TraceSecurity, Inc.