Third parties being tested for compliance must be segmented by their criticality and business relationship. Panorays makes it simple to do so with checking a few boxes, defining how critical the vendor is to the business and how the company interacts with it.
When identifying a new vendor, check the “PCI” box and the vendor will receive a security inquiry that will ask about each of the 12 PCI controls. Panorays will grade the vendor’s responses and identify any missing policies.
Financial services regulations like OCC 2013-29 and EBA prescribe a set of processes for checking your third party partners. Panorays helps by acting as your central repository of third parties.
The Security Inquiry includes a separate scale representing the third party’s readiness for GDPR. The scale ranges from no readiness to full compliance.
Panorays offers an efficient framework for maintaining the documentation for process-oriented regulations like OCC and EBA. No more spreadsheets; everything is on the platform.
Panorays continuously monitors third parties for new issues and reports specific findings that may cause a problem for compliance to regulations like GDPR, NYDFS and security standards like NIST, ISO 2700x and PCI DSS.