Vendor Risk Manager help organizations audit and manage third-party risks as mandated by regulations and standards, such as ISO 27001, PCI, and FISMA. Vendor Risk Manager classifies, assesses, and reports on third-party risk based on a standard control framework from shared assessment programs, or on an organization's custom control framework. Vendor Risk Manager provides a portal where vendors can participate in assessments for your organization's risk analysts. Vendors are classified automatically into appropriate tiers and applicable controls are applied based on the vendor tier. Powerful delegated administration and automation features allow Vendor Risk Manager to scale to large vendor populations.