Aravo Wins GRC 20/20 Innovation Award for Third Party GDPR Compliance

For second year running Aravo is recognized for delivering better GRC efficiency, effectiveness and agility in Third Party Programs

San Francisco, Calif. May 3, 2018. Aravo Solutions, the leading provider of cloud-based third party governance, risk and performance solutions, today announced it had been honored with the 2017 GRC Innovation Award for Technology Innovation in Third Party Management by independent analyst firm GRC 20/20. The Award was provided for the innovation behind Aravo for GDPR, a cloud-application designed to help organizations stand up robust third party GDPR compliance programs quickly and in accordance with regulatory expectation.

The annual GRC 20/20 Awards recognize technology innovation and user experience in governance, risk management and compliance (GRC) programs and processes. The recognition for Aravo for GDPR is especially timely, given that while the General Data Protection Regulation (GDPR) becomes enforceable on May 25 this year, many organizations are still struggling with how they will manage third party (or Processor) compliance.

Michael Rasmussen, GRC Pundit for GRC 20/20, said: “Aravo for GDPR makes GDPR compliance in third party relationships more efficient, effective, and agile. The solution delivers significant business value and brings a contextual understanding of GDPR compliance and control across an organization’s distributed business environment.”

Michael Saracini, CEO, Aravo Solutions said: “We are pleased to receive the GRC 20/20 Innovation Award for Aravo for GDPR. It’s vital that companies ensure that their third parties within scope of this regulation are fully compliant. Many organizations are simply not ready. Using spreadsheets and manual processes for managing third party risk will not be sufficient. This award underscores the innovative work we have completed with our customers leading up to the regulation deadline. Our successes include helping one of the largest and most complex software firms in the world, deliver a best practice GDPR third party compliance program. The distillation of our domain expertise and innovative technology is delivered in this award-winning application – which will allow companies to stand up their programs quickly, cost effectively and with confidence.”

GRC20/20 found: “The key value to organizations using Aravo for GDPR is their integrated and structured solution content and process for GDPR compliance in third party relationships. This is in a solution that can be implemented rapidly without a long project, consultation, and extended deployment time-frames. By providing pre-defined GDPR best practice questionnaires, templates and workflows designed to support third party compliance, Aravo has taken the hard work out of program design, and packaged it up in a way that supports rapid adoption – critical in a time-sensitive regulation such as GDPR.”

The Aravo for GDPR application allows companies to:

  • Centralize third parties into a single inventory
  • Identify third parties (and their subcontractors) in scope
  • Identify all engagements in scope
  • Collect GDPR assessments and artifacts
  • Validate third party information
  • Assess and act on GDPR risk – including workflow provisions for reporting breaches to the DPA within the appropriate timeframes and approved communication processes
  • Monitor and report on GDPR risk and compliance

The win is the second year in a row that Aravo Solutions has been recognized by GRC 20/20. In 2016 Aravo won the GRC 20/20 Award for Value in Third Party Management, where Aravo’s Enterprise Third Party Risk Management solution was found to drive measurable value, delivering better GRC efficiency, effectiveness and agility to complex third party programs.

For a full copy of the GRC 20/20 Research Report on Aravo for GDPR, please visit: Aravo for GDPR: Technology Innovator in Third Party Management

About Aravo Solutions

Aravo Solutions delivers market-leading cloud-based solutions for managing third party governance, risk and performance. We help companies protect their business value and reputation by managing the risks associated with third parties and suppliers, and to build business value by ensuring that their third-party relationships are optimized.

Since 2000, leading global brands across a diverse range of industries have counted on Aravo for their end-to-end enterprise supplier and third-party risk management. Aravo has also distilled this experience and best-in-class technology into rapid time-to-value applications that help companies manage a wide range of programs including: anti-bribery and anti-corruption, responsible sourcing, data privacy, information security, GDPR, financial services regulatory compliance and know your third-party programs.

Providing unrivaled regulatory agility and ease-of-use, together with actionable executive reporting, Aravo supports a user base of 136,000 corporate users, managing more than 4.5 million third party users in 36 languages and 154 countries. Aravo is headquartered in San Francisco, with offices and partners across the US, Europe and Asia.

Aravo has been recognized with GRC 20/20’s Value Award for Third Party Management for providing measurable value in GRC efficiency, effectiveness and agility, and with the GRC 20/20 Innovation Award for Aravo for GDPR. Aravo was named as a Category Leader with the highest “Completeness of Offering” of any provider in the Chartis RiskTech Quadrant® for Third Party Risk Management Solutions 2017, and was named a Challenger in the 2017 Gartner® Magic Quadrant for IT Vendor Risk Management.

About GRC 20/20 Research, LLC

GRC 20/20 is the authority in understanding how organizations implement GRC practices that are effective, efficient and agile. Through independent research and industry interaction, GRC 20/20 advises the entire ecosystem of GRC roles within organizations, technology and knowledge solution providers, and professional service firms. Organizations engage GRC 20/20 when they need insight, guidance and advice in dealing with a dizzying array of disruptive issues, challenges, processes, information and technologies while trying to maintain control of a distributed and dynamic business environment.