For Financial Services Vendors and Clients
The Zero-Cost Vendor Risk Management Standard
Free for Vendors
Answer a questionnaire, upload your evidence documents, and share them with your clients and prospects.
Centralized VRM
Reduce time and resources on questionnaires and meet cyber regulatory requirements.
Free for Clients
Simply select your vendors, request access to their Cyber Package, and assess vendor risk
Open VRM Advisory Board
Volunteering for a better VRM World
Joel Bruckenstein
CEO
John Cooney
Cybersecurity Counsel
Brian Edelman
CEO
Vincent Guyaux
Chairman
Ken Leibow
CEO
Paul Osterberg
CEO
Stephen Simons
CEO
Greg Wilson
CISO
Vendors & Clients
How to Participate
Vendors
- 1. Click the Button Below
- 2. Fill Subscription Form
- 3. Receive Credentials
- 4. Fill 50-Question Questionnaire
- 5. Upload Evidence Documentation
- 6. Manage your Client Access Requests
Clients
- 1. Click the Button Below
- 2. Fill Subscription Form
- 3. Receive Credentials
- 4. Select your Vendors
- 5. Request Access to Vendor Package
- 6. Evaluate Vendor Risk
Chad Ramberg
President
“Finally a Vendor Risk Management standard that benefits both our clients and us.”
Katrina Wilson
VP, Compliance Officer
“We’ve been able to gather more relevant information for vendors from Buckler Open VRM than others!”
How Open VRM Works
Simple Steps to Ease Vendor Risk Management
Patrick Parker
Chief Product Officer
“After manually filling out 6 different cybersecurity questionnaires this week for prospects’ vendor due diligence, more RIAs should use Buckler…
So much faster and no duplication.”
the trickle-down effect
The need for a standard in vendor risk management
As cybersecurity regulatory requirements and security risks increased, vendors are now highlighted as a critical third-party extension for private data management.
When regulations tightened for Financial Services firms, they also tightened for vendors as they must adhere to the same compliance standards as their clients.
VENDORS
SUPPLIERS
THIRD-PARTIES
CONTRACTORS
SERVICE PROVIDERS
J. Gaston Siri
CEO
“OpenVRM is pushing us towards better compliance, thank you.”
The Challenge
Vendors and Clients find themselves in a never-ending spending spiral. Clients struggle to send requests to vendors that struggle to manage them. The result is incomplete, or outdated, due diligence resulting in non-compliance.
Vendors & Clients
The Never-Ending Spending
Annual Re-Certification Costs
All Vendors, and some Clients, pay for certifications like SOC 3, SOC 2 Type 1, SOC 2 Type 2, SIG Lite, SIG Core, etc.
Annual Security Assessment Costs
Vendors and Clients pay for penetration testing and vulnerability scans of networks, applications, cloud, etc.
Annual Due Diligence Costs
Clients contact Vendors who sometimes must answer each Client individually. This unnecessary effort results in incomplete or outdated VRM.
Multiple VRM System Costs
Clients pay for a VRM system while Vendors often pay for multiple, depending on their Clients' requests.
Joe Lucking
Director of Operations
“Open VRM saves us answering 150 different Vendor Due Diligence Questionnaires per year.”
Vendors spend over 15,000 hours per year answering security assessments and companies spend $2.1 million annually, on average, vetting these answers.
The Solution
A unique and free platform to allow Vendors and their Clients to better communicate and manage the due diligence process of vendor risk management.
The Power of Open VRM
Compliance-Driven Way to Identify & Manage Supplier Risks
Home Offices, Agencies, Branches & Advisors
Easily manage vendor cyber risk
Invite Third-Party Vendors to a secure platform where you can easily manage them all, gain vendor visibility and oversight and reduce third-party risk.
Vendors, Suppliers, Third-Parties & Contractors
Save time on client requests
Collaborate, manage and share your vendor cyber package with multiple clients in one location so they can access it upon your approval.
Features
- Compliance-driven vendor framework and industry-standardized questionnaire
- Pre-filled publicly available information from more than 500 Vendors
- Vendor visibility, status, and risk level with dashboard view
- Select best-of-breed vendors and add your local vendors
Benefits
- Gain vendor visibility and reduce third-party risk
- Streamline vendor remediation with faster onboarding and offboarding
- Gain time and productivity handling vendor management
- Select best-of-breed vendors and add your local vendors
Luis Quiroz
Co-Founder & CTO
“We save resources by leveraging Open VRM to share our Due Diligence documents with Clients.”
About
Open VRM
Powered by Buckler
Open VRM (Vendor Risk Management) offers the Financial Services industry a new standard for vendor due diligence management. Unlike traditional VRM software, Open VRM provides vendors with a free, open environment to populate, manage and share a pre-vetted security questionnaire and compliance evidence documents in one private location. Clients of vendors access the Vendor Directory with confidence to request access to Vendor due diligence information. Created by Buckler with oversight from an Advisory Board that includes cybersecurity compliance experts, Open VRM drives faster collaboration between vendors and clients in an ever-growing cyber regulatory world.
An Innovative Fremium Model
