Platform

Third-party risk intelligence

Third-party risk is handled as evidence-backed intelligence rather than static vendor scoring. External signals are contextualized with tenant-specific exposure relevance and governance impact.

For: procurement, vendor risk teams, security leadership, and resilience governance stakeholders.

Last updated: 28 April 2026

Signal ingestion and normalization

External risk signals are ingested into tenant context, normalized, and linked to known vendors or services before they influence operational views. This prevents overreaction to disconnected or low-confidence telemetry.

Materiality and prioritization

Third-party alerts are prioritized by business criticality, integration depth, and plausible blast radius rather than alert volume. This helps teams focus on materially relevant supplier risk first.

Governance and board reporting

Significant third-party risk themes can be carried into board packs as evidence-linked narratives, preserving decision traceability and reducing subjective interpretation in governance communication.

Related documentation

Was this page helpful?

Trust and legal

Trust and legal baselinePrivacy notice (POPIA)PAIA ManualCookie and tracking noticeWebsite termsSecurity testing authorizationPlatform termsResponsible disclosure