July 2020 Product Release

August 05, 2020

Save Custom Reports

Stop creating reports from scratch. Once you've created the ideal report, save it for future use. You can even update existing saved reports or delete ones that you no longer use. Click here for more information. 


Track Residual Risk

You can now track the residual risk of a vendor. A vendor may present a high security risk due to the level of information it handles. However, after conducting the security assessment and establishing the presence of strong controls and safeguards, the actual risk may be much less—resulting in a low residual risk. This makes tracking and reporting more accurate and effective.

You can edit the Residual and Inherent Risk fields by selecting Edit Vendor in the upper right of the Vendor Details page.

NOTE: Assessment renewal cadence will default to residual risk. If a residual risk is not determined, renewal cadence then defaults to inherent risk.

Screenshot of the Whistic Platform


Security Profile Company Level NDA

When sending your Security Profile to a group of users within the same company, now only one user from that group needs to complete the NDA. Once the first user agrees, the remaining users will not be asked to agree to the NDA.

For more help managing a Profile share once sent, go here.


Additional Vendor Certifications

In addition to displaying Privacy Shield self-attestation information for inclusion in vendor profiles in the Trust Catalog, over 400 Trust Catalog profiles now also inform you if a vendor has indicated that they maintain one of the following certifications, speeding up your review process by delivering this information proactively:

  • FedRAMP
  • SOC 2 TYPE 2
  • ISO 27001
  • PCI

The vendor tile in the Trust Catalog will indicate how many certifications the vendor maintains. Once imported to your Vendor Catalog, simply open the Vendor Profile and select the Certifications dropdown to view. Links to each certification are included.

Screenshot of the Whistic platform


View Images and PDFs in the Document Repository without Downloading

Downloading is no longer required in order to view images and PDFs from the Document Repository. Once you select a file from the Repository, just select the "eye" icon to display the image in your browser.

Screenshot of the Whistic platform


Archive Self-Assessment Questionnaires

Declutter old questionnaires by archiving them. Open the questionnaire and select Archive from the upper-right corner. All instances where the questionnaire was shared will still exist with the recipient, even after you archive your version.

Screenshot of the Whistic platform


vendor risk management whistic vendor risk assessment product release

About the author


The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.