Predictive Risk Profile (3rd party Risk Report)
To access the AI-generated inherent risk profile for a third-party:
1. Navigate to Third-Parties -> Catalogue.
2. Click the Add third-party button and create a third-party.
3. Click on the Overall risk profile icon to open the Predictive Risk Profile.
Under the Predictive Risk Profile tab, you will find detailed information about the third-party with the following sections:
AI Helper, Lexi: Lexi will automatically suggest a risk level based on the information given. You can change the risk level yourself by clicking the dropdown. You can also download the risk profile as a PDF.
Company Overview: Here you will find information such as:
  - Headquarters: The main or central office of the organization.
  - Public Listing Status: Whether the organization is publicly traded on a stock exchange or not.
  - Operational Countries: The countries where the organization actively operates or conducts business.
  - Number of Employees: The approximate total number of people who work for the organization.
  - Revenue Estimate: The organization’s approximate annual revenue.
Executive Summary: The Executive Summary provides a high-level narrative overview of the third-party’s overall risk profile, highlighting the most significant vulnerabilities and strengths across all assessed domains, with emphasis on factors most relevant to third-party risk management and business operations.
Summary Table: The Summary Table presents a quick-reference grid of all nine risk domains, showing the assigned risk level (Low/Medium/High), confidence score (Low/Medium/High), and a concise key insight for each domain to enable rapid risk assessment at a glance.
Detailed Assessments: The Detailed Assessments section contains information such as:
  - Assurance Reports and Standards: Independent reports, certifications, or standards the organization complies with to demonstrate security, risk, or compliance maturity.
  - Recent News Mentions: A summary of notable news about the organization.
  - Regulatory Issues and Fourth-Party Compliance: Regulatory Issues covers any past, ongoing, or potential legal or regulatory problems that could affect the vendor. Fourth-Party Compliance focuses on the vendor’s own supply chain or subcontractors.
  - Financial Health and Operational Resilience: Financial Health assesses whether the vendor is financially stable and capable of meeting obligations. Operational Resilience looks at whether the vendor can maintain operations during disruptions.
  - Industry Reputation and ESG Performance: Industry Reputation assesses how the organization is perceived by peers, customers, and the market. ESG Performance evaluates the company’s sustainability and governance practices.
  - Cybersecurity and Data Privacy (including Fourth-Party Cyber Risks): Cybersecurity assesses the company’s ability to prevent, detect, and respond to cyber threats. Data Privacy assesses how the company handles, stores, and processes personal or sensitive data.
  - Operational Risk and Service Resilience: Operational Risk refers to the risk of loss or disruption arising from the vendor’s day-to-day operations. It focuses on the vendor’s ability to deliver services consistently, safely, and without failure. Service Resilience refers to the vendor’s ability to maintain consistent, uninterrupted service despite disruptions or adverse events.
Sources and References: The Sources and References section provides a complete bibliography of all data sources, indices, databases, and reports used in the analysis, with publication years to support transparency, verification, and further research.
Data Gaps and Recommendations: Data gaps identify areas where insufficient, outdated, or missing information limits confidence in the predictive risk assessment.
Please note: The information provided is for guidance only and should not replace your own due diligence. You remain fully responsible for verifying the accuracy and relevance of this information before making any decisions. 3rdRisk accepts no liability for actions taken solely based on this AI-generated content.