Manage vendor risk end-to-end — from onboarding to ongoing monitoring
Sentinel Unity's TPRM module covers the full vendor risk lifecycle: tiering, due diligence, assessments, contracts, and continuous monitoring — aligned to SAMA CSF requirements.
Vendor Registry
Complete vendor inventory with automated risk tiering
Maintain a single source of truth for all vendors with automated tier calculation based on data access, criticality, and regulatory exposure.
- Automated tier assignment (Critical/High/Medium/Low)
- Vendor profile with industry, country, and contract details
- Data access and system integration mapping
- SAMA CSF risk classification alignment
- Vendor portfolio dashboard with tier distribution
Due Diligence
Structured due diligence requests for every vendor
Send pre-built or custom questionnaires to vendors during onboarding. Track completion, score responses, and flag gaps automatically.
- Pre-built SAMA CSF due diligence questionnaires
- Vendor portal for self-service response submission
- Response scoring and risk flag detection
- Document upload (ISO certificate, pen test report, etc.)
- Escalation workflow for incomplete submissions
Contract Management
Track contracts, expiry dates, and security obligations
Never miss a contract renewal. Manage security clauses, audit rights, and expiry dates with automated alerts.
- Contract document storage and versioning
- Security clause extraction and tracking
- Automated expiry alerts (90/60/30 days)
- Audit rights and breach notification clauses
- SLA and compliance obligation tracking
Full Capability
Everything you need to manage third-party risk
Sentinel Unity's TPRM module covers every stage of the vendor risk lifecycle — built for financial institutions operating under SAMA CSF.
Vendor Tiering
Automatically classify every vendor into Critical, High, Medium, or Low tiers based on data sensitivity, regulatory exposure, and business criticality — with configurable scoring weights.
Assessment Campaigns
Launch bulk or targeted vendor assessment campaigns with pre-built SAMA CSF templates. Track response rates, completion, and scoring from a single campaign dashboard.
Contract Alerts
Never miss a vendor contract renewal. Automated 90-, 60-, and 30-day alerts ensure your team has time to renegotiate security terms before expiry.
Risk Scoring
Generate composite vendor risk scores from due diligence responses, assessment results, and contract terms — updated continuously as new information is received.
SAMA CSF Alignment
Every TPRM workflow is pre-mapped to the relevant SAMA CSF vendor risk controls — giving SAMA-regulated institutions out-of-the-box alignment with financial-sector expectations in the Kingdom.
Continuous Monitoring
Track vendor risk posture over time with periodic reassessment scheduling, incident tracking, and automated alerts when a vendor's risk tier changes.
See how Sentinel Unity manages your vendor risk lifecycle
From vendor onboarding to continuous monitoring — all aligned to SAMA CSF third-party risk requirements.
No commitment required. Typical demo is 45 minutes.
Customers
What practitioners tell us
“Sentinel Unity gave us a single source of truth for NCA ECC compliance. Assessments and gap reports are exactly what our CISO needs for the board.”
Fahad Al-Rashid
Chief Information Security Officer
Diversified group, GCC
“SAMA CSF used to mean an annual scramble. TPRM and vendor assessments are now continuous — with evidence we can stand behind.”
Noura Al-Khalidi
Head of GRC
Digital Bank, Gulf Region
“PDPL and ISO 27001 in one mapped program. We export posture to leadership without reconciling three spreadsheets.”
Abdullah Al-Saeedi
Data Protection Officer
Public sector authority, Gulf region