Streamline Third Party Risk Assessments

With evolving security requirements, assessing your partners’ security posture should not be a one-time event. Stay up-to-date, in real-time, with ongoing visibility into your partners’ information security program to ensure they meet your InfoSec standards.
Try it free. No card required. Instant setup.
Define Assessment Requirements by Category, Severity, and other criteria from the following Frameworks:
CIS Logo
PCI Logo
ISO Logo
CSF Logo
SOC 2 Logo

A New Approach to 3rd Party Assessments

Define Criteria
Select a preset of required questions or build your own filter to determine requirements.
Connect with an Organization
Send a Tentacle Magic Link to external parties and quickly start an Assessment.
Track Completion and Findings
Finalize assessments with notes and findings. Log additional assessments as content changes

Security Assessments made easy for all parties

Tentacle streamlines the security risk assessment process for all parties with time-saving features and central management. We believe Assessments are a two-way street. So we built tools that help the Assessor AND those being assessed.

For the Assessor
Easily configure security assessments to meet your organization’s InfoSec standards
Organized data, information, security responses, and assessments all in a centralized platform
Filter and sort security responses by category, criticality, security frameworks and response sentiment
Access documentation inline with security responses or browse non-sensitive documents within the shared Project
Gain ongoing visibility into your partners’ security posture to stay up-to-date on any changes
Spot check shared Projects over time and log Passive Assessments to document ongoing due diligence
For the Assessed
End the repetitive task of answering the same security questions over and over again on mind-numbing spreadsheets
Each question answered is automatically included in subsequent assessments if they are part of the requirements
Attach relevant documents to your responses with ease from your Tentacle document library
Update security responses as your security posture evolves to keep all parties informed
Handle multiple Assessments at once using the same Responses and Documentation
Findings of your Assessment are preserved within the app for reference and remediation

Formal Assessments of 3rd Party Projects

Starting a formal assessment allows you to set a completion date, define specific question criteria, and notify the other party that they are under assessment. This gives you control over the level of assessment and allows you to set multiple parameters.

If the organization you wish to assess is not using Tentacle, a simple Connection Request is used to start the assessment. The 3rd party will be alerted which questions in their new library are required for your assessment. You will remain connected with access to shared content until you or the assessed party break the connection.

If you use a preset Tentacle Assessment Segment, the project you are assessing will display a Risk Rating after all questions are completed.

Passive Assessments

Once you have access to a shared External Project in Tentacle, you can log a Passive Assessment if it already contains the responses and documentation you want to review.

Passive Assessments let you capture a decision and findings without alerting or involving the other party. Typically this is helpful after an initial formal assessment to check in on the posture of another organization and capture subsequent findings.


Log Assessments Over Time

Passive Assessments are logged without alerting the other party. Capture findings over time as things change.


Review Additional Content

Because you can view all of the Questions in a Shared Project. Capture findings outside of your Formal Assessment.

Try Assessments with 30 Days Free Premium

No Credit Card Required. Get access to Assessments and other Premium Features.

Create Your Free Account