Stop the Spreadsheet Nightmare

Onboard vendors 10x faster, automate compliance evidence, and prove risk visibility to your board, without adding headcount or guesswork.

Designed and built by practitioners who've managed TPRM for 25+ years, so you don’t have to guess.

Pay As You Go (PAYG)

$99/mo*

Includes your first 50 vendors · billed monthly

Perfect for small teams and organizations taking their first steps into structured third-party risk management.

Pay only for the vendors you manage — no seat-based fees

Up to ~100 vendors in our shared, secure multi-tenant environment
Full vendor lifecycle: onboarding → assessments → (PAYG-optional) monitoring → reassessments → offboarding
Smart-Supported Scoring engine included on every vendor
Add continuous monitoring with a single click — PAYG per vendor
Add ISO 27001 certificate auto-validation — PAYG per vendor
Risk Dashboard & reports
Email support
Multi-factor authentication (MFA)

SMB Most Popular

$249/mo*

Includes your first 250 vendors · billed annually

Built for growing organizations who need scalable vendor onboarding, risk scoring, and workflow automation at predictable cost.

Everything in PAYG +

Significant vendor-fee discounts as your portfolio scales
Ready for continuous monitoring of Tier 1 & Tier 2 vendors (Optional In-App Add-On)
Supports automatic ISO 27001 certificate validation (Optional In-App Add-On)
Enhanced executive dashboards, heat maps, and trend reporting
Automated Risk & Asset registers
Priority email support · Dedicated onboarding assistance
Logical segregation available in shared environment
Fully automated vendor tiering & risk scoring
Continuous monitoring + ISO validation included
Reassessments & offboarding – zero effort required

Enterprise

From $1299 /mo*

Includes your first 1000 vendors · billed annually

Designed for large or regulated organisations who need automation, scale, and enterprise-grade security.

Everything in SMB tier +

Priority Support
Guaranteed physically & logically segregated tenant
Dedicated account manager + SLA-backed response times
Ready for optional continuous monitoring and ISO validation at scale
Custom integrations & premium audit/board-ready reporting
Negotiated volume pricing bands (the more vendors, the lower the per-vendor rate)
Multi-year commitments & payment terms available
API access & integration
Full SSO, RBAC & audit logs

TPSaaS Managed

$499/month

From $250k /yr

Fully outsourced Third-Party Risk Management

For organisations who want TPSaaS to run their entire third-party security programme.

All Enterprise Features

Fully managed service — your vendors, our responsibility
Continuous monitoring and ISO validation included as part of the managed programme
Dedicated senior risk analyst team
Personalized company Portal, white-labelling options
Custom workflows, quarterly business reviews, training
Unlimited Support
Free Consultation

Side-by-Side Comparison

PAYG
SMB
Enterprise
TPSaaS Managed
Core Platform
Onboarding → Assessment/s → Monitoring → Reassessment → Offboarding
Smart-Supported Scoring Engine
(automated risk scoring on every vendor)
Vendor & risk dashboards and exportable reports
Email support
Multi-Factor Authentication (MFA)
Secure shared environment
-
-
Logical / physical segregation
(dedicated tenant environment)
Automation & Monitoring
-
Add-On
Automatic Vendor Tiering
Automatic ISO 27001 certificate validation
Continuous Monitoring for Tier 1 & Tier 2 vendors
Add-On
Add-On
Add-On
Add-On
Add-On
Risk trend & heatmap visualisation
Security, Governance & Integrations
Role-Based Access Control (RBAC)
SSO (SAML / OAuth / SCIM)
Add-On
Add-On
Audit logs & activity tracking
Add-On
Custom workflows & approvals
-
Add-On
API access & integration
-
Add-On
Custom integrations
-
Add-On
Negotiated
Negotiated
Dedicated account manager
-
Add-On
Dedicated Risk analyst team
-
-
-

Estimate Your Cost

Monitoring is billed per monitored supplier per year. Rate depends on your plan.

FAQ

Why is Third-Party Security Risk Management (TPSRM) important for my business?

Over 60% of companies experienced a third-party data breach last year, a 49% increase from the year before. Your vendors, suppliers, and partners often process sensitive customer data or provide critical services, meaning their weaknesses become your risk. TPSaaS helps you identify, assess, and continuously monitor these risks so you can reduce exposure, stay compliant with regulations (e.g. DORA, GDPR, HIPAA), and protect your reputation.

How does TPSaaS differ from traditional vendor assessments or rating tools?

Most organisations still rely on spreadsheets and one-off questionnaires, covering only about a third of their vendors. TPSaaS replaces this manual, fragmented approach with an end-to-end platform that:
• Automates onboarding, risk tiering, and due diligence.
• Provides continuous security monitoring and alerts.
• Maps risks directly to compliance frameworks (ISO 27001, SOC 2, DORA, etc.).
• Covers the full vendor lifecycle, from onboarding through to offboarding.
This reduces assessment time, eliminates blind spots, and ensures risks are not just tracked but actively remediated.

Who typically uses TPSaaS inside an organisation?

Our solution is designed for Risk, Security, Compliance, IT, Incident, and Procurement teams. Each has different priorities – for example, security teams want to mitigate vendor cyber risks, procurement teams want faster onboarding, and compliance teams focus on audit-ready reporting. TPSaaS unifies these needs into one platform, ensuring collaboration and visibility across departments.

Is TPSaaS suitable for regulated industries like Finance and Healthcare?

Yes. Regulated sectors face the strictest requirements for vendor oversight, and new frameworks such as DORA in the EU and the UK’s Critical Third Party regime will soon hold organisations accountable for the resilience of their suppliers. TPSaaS is built for this environment – offering secure AWS-hosted architecture, compliance-aligned workflows, and scalable monitoring that meets the needs of financial services, healthcare, fintech, and other highly regulated industries.