Specifications include, but are not limited to: The purpose of this RFQ is to solicit qualified, cost-effective, and competitive responses for a specialized secure, web-based, no-code Software as a Service (“SaaS”) system to serve as instrument to monitor, assess and track Governance, Risk, and Compliance (“GRC”) audits and to support the Vendor Risk Management (“VRM”) program with an application to fulfill its mission in third-party risk management (“TPRM”). The goal is to provide the EOTSS Enterprise Risk Management (“ERM”) team with effective data tracking and reporting services to effectively manage audits, compliance, and risk management. This new application would simultaneously provide a method to track internal audits and replace the current CABEM application, in use with VRM. It should include the below essential elements: Conduct 3rd Party Risk Assessment Self-Customize Assessment, Reports and Notifications Self-Customize Product Supports Custom Scoring Onboarding & Offboarding management Continuous Monitoring Email notifications and alerts Vendor Collaboration/ Follow-up Product Scoring and Comparison Automations Data Analytics Multiple User Levels Supports Single Sign On Assesses Vendor Criticality Internal Prioritization Models Action Items/ Issue Management Track Vendor Progress Over Time Product Training Including Hands-On and Virtual Learning Environments Third Party Risk Training and Guidance
