The Board Trends Report is a compilation of insights that help our customers easily communicate trends and changes across your monitored security portfolio to inform executive leadership, boards of directors, and other internal stakeholders.
- Enables customers to easily answer the question “What have we done to reduce the third-party risk this year and how have Ratings benefited my company?”
- Ability to track aggregate historical trends (i.e. Remediations done over time, Number of users engaged from my company, Portfolio average scores over time)
- The Board Trends Report is self-service and customers can generate them on-demand on the platform
Who is the report for?
This report is helpful for day-to-day users of SecurityScorecard Ratings that need to understand trends of third-party risk and assist in the development of reports for executives and board of directors.
- Average Portfolio Score: This graph displays the historical average score of the selected portfolio for the selected time frame.
- Risk Remediation Performance: This graph help displays vendors’ risk and response behaviors over time and gains visibility into whether they are prioritizing actions that protect your business. New findings are security issues that need to be remediated. Remediated findings have been resolved or disputed by impacted companies, while decayed findings have been addressed or reached expiration; no longer impacting scores.
- Number of Monitored Organizations: This graph tracks the number of companies in the selected portfolio for the selected time frame.
- Further Action: see list of vendors(this link is not active when All Portfolios is selected)
- Please note that unique vendors evaluated is only visible when All Portfolios is selected
- Number of Active Organizations: This graph displays how many of your monitored organizations in the selected portfolio are active for the selected time frame. Active companies that are invited to the platform with low grades (C, D, or F) typically exhibit on average a 7 to 8 point improvement within 3 months, while the average score of unengaged companies remains relatively unchanged over the same period.
- Further Action: see list of active vendors (this link is not active when All Portfolios is selected)
- Number of Breaches: This graph helps identify trends that may warrant a review of their Scorecard and risk to your business. This chart displays the number of breaches experienced by the selected portfolio. Research found that organizations with an F were 7.7x more likely to sustain a publicly disclosed breach compared to organizations with an A. The risk of breach increases monotonically as the grade worsens from A to F.
- Further actions: To see the list of all breached vendors (who got breached in the past 12 months), click on the total number of breaches to the right of the chart
- To see breach details:
- Click on a bar to see the list of breached organizations in a specific month
- Navigate to the Breached and Incidents page of the organization by clicking on one of the listed organizations in the modal window
- Top Movers & Bottom Movers: This table displays the best performing and worst performing organizations in the selected portfolio for the selected time frame.
- Organization names are clickable. The link will take the user to the Organization’s scorecard page
- As a Vendor Risk Manager, I want to be able to show my CISO, CIO, and executive team that we understand the risk across our vendor population and how it has improved over a period of time. This will help me demonstrate the value of the SecurityScorecard platform.
- As a Vendor Risk Manager, I want to be able to demonstrate to leadership that my team has a thorough understanding of our vendor population and associated external security risk. This will help my team take appropriate steps to mitigate risk.
- As a Vendor Risk Manager, I want to be able to track and report on how risk is trending across my portfolios over time. This will help demonstrate that we are decreasing the security risk to our organization.
- As a Vendor Risk Manager, I want to know how many issues SecurityScorecard has detected on my vendor scorecards and how many have been fixed. This will help demonstrate that my team is taking action to decrease breach likelihood.
Step by Step Guide
- Navigate to the Analysis Tab
- Select Board Trends Report from the drop-down
- Select a Portfolio or All Portfolios and a time frame (12 months or 30 days)
- Download as PDF (optional)
What’s the best way to read this report?
The report shows the average score overtime for selected portfolios and helps explain reasons for upticks and score drops. The portfolio average score should be read in correlation with the risk remediation, vendor engagement, and breach data underneath. Additional data points at a point in time are available through the hover state at each chart.
What constitutes an active organization?
An active organization has had at least one user sign-on in the past 90 days.
Why can’t I click to see all my monitored vendors?
Drill down on this data point is only available if you have a single portfolio selected.
Why am I seeing only a portion of the charts?
If the Portfolio has been created less than 12 months ago, the charts will have data only after the portfolio creation date.
Why can’t I see the current month when I select the last 12 months?
We calculate the data for each month on the first day of the following month.