- Forrester Councils
- Councils Overview
- log in
Posted by Khalid Kark on May 28, 2008
Moody’s recently launched their Vendor Information Risk (VIR) ratings service. The main objective of this service is to reduce the overall burden of conducting risk assessments for organizations, as well as their service providers. The whole idea being that if Moody’s can do a risk assessment on behalf of multiple subscribers, it can make the assessment process a lot more efficient. The service provider will not have to go through multiple assessments and the subscribers will share the cost, and therefore have a much lower price point.
Many CISOs I talk to are sick of performing third party risk assessments; it takes up valuable time, is expensive, and most importantly, pulls resources away from doing actual security work within the company. On the other hand service providers are also having a hard time keeping up with these assessments. A compliance manager at a large service provider estimated that they responded to over 300 audit requests in 2007, and that number would be around 400 in 2008. Thus, a service like this could potentially save millions of dollars for service providers and subscribers.
Industry efforts, such as the BITS framework, have so far focused on providing methodologies but haven’t really addressed the issue of building a platform to ensure consistency across assessments. It was refreshing to see this service from Moody’s that endeavors to take the burden off of your shoulders.
If this service delivers on its promise and is able to gain traction, it has the potential to move others in the industry to follow its approach. Although I think this is a great idea, here are some things to keep in mind as you evaluate this service for your organization.
Lastly, the pricing structure may also influence the decision making for subscribers as well as service providers. I personally think that the current pricing structure is pretty reasonable for the current marketing conditions. Lets hope Moody’s is able to nail this one. What do you think about this service? Does it address your pain points? Are you skeptical? I’d love to hear your thoughts on this.
Save Money On Your Next Software Negotiation
Work with our software negotiation experts to save 10–20% on your next contract »
Lead BT Transformation
Develop customer-obsessed strategies to drive growth »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »