Adds deeper insight into Shop Direct Group’s Third Party Assurance programme

Visit SureCloud at Infosecurity Europe 2013, Earls Court, London 23-25 April, Stand H31

London, UK, 16 April 2013 – SureCloud®, a supplier of Cloud-based IT Governance, Risk and Compliance (GRC) solutions, today announced the introduction of business analytics to the SureCloud Platform to help organisations gain clearer insight into areas of supply chain risk.

Auditing the supply chain for risk, or third party/supplier assurance as it is also known, is a growing area of concern for organisations in the UK. Tight deadlines and stretched resources already make running these programmes challenging enough, but all too often the information collected from the supply chain is not realised to its full potential. SureCloud’s Platform™ is already delivering huge efficiency gains to the process and the launch of this new analytics capability is enabling organisations to make better business decisions based on risk across the whole supplier portfolio.

“Already our platform removes the need for our customers to operate spread-sheet based programmes and frees up highly skilled compliance and risk personnel from extensive administrative tasks,” said Richard Hibbert, CEO of SureCloud. “What’s really interesting for management is that by applying analytics to this whole area we can help them make more informed business decisions regarding third party risk – answering questions like: which are my worst performing suppliers?; do I want to continue to trade with them?; and which compliance requirements are all of my suppliers struggling to meet?.”

These sentiments are echoed by Shop Direct Group, a recent adopter of the SureCloud Platform; “Our comprehensive third party compliance programme requires a robust compliance tool to help us demonstrate that our customer data is secure regardless of its physical location,” said Mike Marshall, Group Security Director at Shop Direct Group. “SureCloud will make managing the due diligence process with our third parties much more straightforward, eliminate the need for e-mailing spread sheets backwards and forwards as we did in the past and have the versatility to support our future needs.”

Key features of the SureCloud Platform include:

- Ability to implement your own supplier questionnaires or leverage SureCloud’s template questionnaires including supplier risk calculations;

- Fine grained permissions to provide different Form views based on Stakeholder Groups;

- Integrated Task Management to alert users to events such as compliance certificate expiry, or to allocate activity to internal or external stakeholders;

- Grouping structures to organize suppliers for example by industry or company size;

- Interfaces with common business intelligence tools such as Microsoft Office pivot tables for slicing & dicing data and creation of “what if” scenarios;

- Dashboards and reporting to provide real-time updates on progress;

- Analytics to identify patterns such as top or bottom performing suppliers;

- Coordination of Third Party Assurance with risk management activities.

The SureCloud Platform automates and radically simplifies the entire compliance management process without forcing organisations to adopt entirely new practices. SureCloud’s flexibility allows them to automate any IT Governance, Risk and Compliance (GRC) process, such as Compliance Audits, Policy Management, Risk Assessments or Third Party Assurance programmes. The SureCloud Platform supports an agile approach to implementation and includes pre-built templates, which means that the solution can be deployed quickly to deliver immediate value. The alternatives to this approach are complex and expensive solutions, which run the risk of failure, or spreadsheets; which do not provide project and task management, central evidence collection, management information or a mechanism for sound auditing. Furthermore, because the SureCloud Platform is priced by user, SureCloud is able to dramatically reduce the total cost of ownership for IT GRC solutions.