BLOG | privva


News and Updates

March 25, 2020

By now, anyone in the US Department of Defense supply chain should know about the new Cybersecurity Maturity Model Certification (CMMC). Knowing what to do about it is something else.

The goal of CMMC is to utilize five maturity levels, ranging from Basic Cyber Hygiene to Advanced/Progressive cyber practices, to ensure information protection in the defense...

March 15, 2020

Sending countless emails? Making unnecessary phone calls? If you’re tired of chasing vendors to submit your security assessment questionnaire, we hear you. Anyone tasked with leading or executing a vendor risk management program knows the administrative aspects can be a heavy lift. In most cases, it’s up to 80% of the workload!

Regardless, it’s a critical...

March 2, 2020

The sheer volume of third parties and suppliers that corporations now engage has manifested an unduly complex system of vendor security assessments. Additionally, more stakeholders, especially Senior Management and Boards, require insight into the risks and vulnerabilities that come from using outside suppliers. With different performance demands, varying...

October 22, 2019

SIG Integration Reduces Time-to-Value For Enterprises and Their Vendors

Privva, a leading third-party risk management platform, announced it has extended its relationship with Shared Assessments to offer the Shared Assessments Standard Information Gathering (SIG) questionnaire to include the 2020 version. Privva makes vendor risk management easy, utilizing...

October 14, 2019

ARLINGTON, VA - 10/14/2019 (

Industry Experts Join Privva’s Advisory Board 

Privva is delighted to announce the formation of our new Advisory Board. This board will help shape and guide the strategy of the Privva third-party risk management platform. 

"I am excited to welcome Joanne and Lonny to the Privva team.

Their expertise w...

September 30, 2019

Introducing Privva Courses - Sign up for Privva's "How to Build a Top-Tier Vendor Risk Assessment Program" — a 7-day e-mail based course on how jumpstart your third-party risk assessment program, with guides and perspectives from our experienced risk assessment team

Third-party risk management is becoming standard operating procedure across many organizati...

June 10, 2019

Vendor risk management is becoming standard operating procedure across many organizations as client and/or regulatory pressure is increasing.  A key to success is to simplify the security assessment process through iterations so it is sustainable. Taking a step back to understand your organization’s perspective before rushing to execute this requirement c...

June 1, 2019

Privva is excited to announce we are now offering The Higher Education Cloud Vendor Assessment Tool (HECVAT) on our platform.  This content is helping Higher Education institutions simplify the process of assessing their vendors.

The HECVAT was created by the Higher Education Information Security Council (HEISC) Shared Assessments Working Group, in collabo...

May 14, 2019

A recent Ponemon study found that only 34% of companies maintain a comprehensive list of their vendors. 69% of the participants in the study blamed “a lack of centralized control” as the key factor as to why a comprehensive inventory had not been created.

Security departments must take a leading role in these situations in order to effectively manage the r...

March 21, 2019

Electric Utility Sector Third Party Risk: FERC Order No. 850

As of December 2018, new supply chain risk management reliability standards (Order No. 850) issued by the Federal Energy Regulation Commission (FERC) went into effect.

Going forward, electric utilities must assess their vendors during planning and procurement to confirm adequate security posture a...

Please reload