Eliminate Duplicate Third-Party Assessments with Njordium Vendor Management System

Post Views: 9

New Platform Launched to Streamline Third-Party Risk Assessments

A new platform has been launched to help organizations streamline their third-party risk assessments and eliminate costly duplication under Europe’s overlapping regulatory landscape. The Vendor Management System (VMS) from Njordium Cyber Group is designed to address the issue of repetitive administration, which is currently a major challenge for many organizations.

Third-Party Risk Assessments: A Major Challenge

According to recent research, 70% of European organizations have suffered a data breach in the past three years, with 77% of those breaches originating from a vendor or third party. As a result, third-party risk teams are spending an average of 37 hours per week on administrative tasks, yet still struggling to keep up.

The Problem in the Financial Sector

The problem is particularly acute for organizations in the financial sector, which are subject to multiple regulations, including NIS2, DORA, the Cyber Resilience Act, and GDPR. These regulations require the same vendors to be assessed multiple times, creating disconnected evidence trails that can be seen as a compliance failure by regulators.

According to Mads Becker Jørgensen, CEO of Njordium Cyber Group, the current architecture of third-party risk assessments is broken, and the solution is not to add more complexity, but to simplify the process. “We didn’t add another layer of complexity – we removed it,” he said. “One assessment, seven regulatory outputs, one immutable audit trail. That is the new standard.”

Njordium’s VMS: A Solution to the Problem

Njordium’s VMS is designed to address this issue by allowing organizations to conduct a single vendor assessment that satisfies the requirements of multiple regulations. The platform simultaneously generates aligned outputs for supply-chain and enterprise risk standards, including ISO 27001, ISO 28001, and ISO 31000.

The platform also includes built-in modules for ultimate beneficial ownership screening, politically exposed persons monitoring, and suspicious activity reporting, which connect directly to regulatory workflows. This helps organizations to ensure that their anti-money laundering (AML) and vendor intelligence teams are working with the same information.

Kim Haverblad, Senior Advisor at Njordium, added that the launch of the European Anti-Money Laundering Authority (AMLA) has highlighted the need for organizations to ensure that their AML and vendor intelligence teams are working together effectively. “Njordium closes that gap before the regulator does it for them,” he said.

Key Features of the VMS Platform

The VMS platform includes a number of key features, including a multi-framework engine that allows organizations to conduct a single assessment that satisfies multiple regulations. The platform also includes risk-proportionate tiers, which allow organizations to scale their assessments according to the criticality of the vendor, and full nth-party mapping.

In addition, the platform offers data sovereignty, with the option for on-premise or private cloud deployment, and every AI decision is fully auditable.