Removes Barriers to Leveraging Information Security Assurance Results
The HITRUST Results Distribution System™ (RDS) addresses the highly inefficient process of obtaining, interpreting, and analyzing assessment results from third-party vendors.
Allows Analysts to Manage Vendor Risk More Efficiently by Transforming Outdated Processes
The current system of sharing and managing third-party information assurance results is obsolete — it’s highly inefficient, time-consuming, and negatively impacts an organization’s ability to effectively manage third-party risk. Today, third-party security and privacy results are most often delivered to the assessed entity in a PDF format, which they then pass along to their business partners and stakeholders. These PDFs are often hundreds of pages long, non-interactive, and password-protected, making it difficult for relying parties to find and use the information they need. The entire process is outdated, labor-intensive, and duplicative.
“For third-party risk management systems to achieve their full potential in helping organizations manage their vendor risk, assessment results need to be electronically shared and consumed. HITRUST’s Results Distribution System is a big step in making that possible and will be a strong complement to our focus on vendor interaction through Archer Engage.”
Jeremy Fisher, Vice President of Product, Archer
Addresses the Challenges Facing TPRM Professionals
Along with the time required to chase down vendors, Risk Managers face the mundane tasks of locating and reviewing assessment results, and then manually entering data into tracking spreadsheets and TPRM systems. That means Risk Management teams are devoting enormous resources to inefficient processes that use up time they could otherwise spend on higher value activities that better monitor their vendor populations. In addition, this makeshift approach often misses key information and makes it difficult (if not impossible) to effectively identify and manage risk. Most organizations repeat these inefficient procedures annually for each vendor.
The HITRUST Results Distribution System (RDS) Addresses the Highly Inefficient Process of Obtaining, Interpreting, and Analyzing Third-Party Assessment Results
RDS Uses HITRUST Innovation to Increase Efficiency and Improve User Experience
RDS makes it possible for assessed entities to share results from their HITRUST Assessments securely and electronically with any relying party. Those recipients can then manage and review essential information − such as assessment date, scope, control requirements, scores, corrective action plans (CAPs), and more – using the API interface and their own TPRM solution. Those recipients can then manage and review essential information − such as assessment date, scope, control requirements, scores, and corrective action plans − through the RDS portal or their own TPRM solution. This automation adds efficiency and saves time by eliminating the multiple back-and-forth communications that are common between parties during the annual vendor review process. Whether relying parties manage hundreds or thousands of vendors, RDS delivers game-changing innovation and efficiencies.
At-A-Glance Benefits of the HITRUST Results Distribution System (RDS)
- Reduces the inefficiencies in current approaches by sharing assurance results more efficiently
- Works within your TPRM system to improve data access, security, and storage
- Unlocks the power of analytics by locating and extracting key information faster
- Helps automate TPRM and vendor management activities
- Enables electronic delivery of assessment results to specific individuals or organizations via API interface
- Allows recipients to set alerts based on various assessment thresholds
Added API Functionality
Easy-to-use API implementation options for integration into Third-Party Risk Management VRM/GRC solutions coming in the second half of 2023.
For More Information About the HITRUST Results Distribution System:
Contact your HITRUST Product Specialist
Call: 855-448-7878 or Email: email@example.com