Case Study: Medium Enterprise Insurance Company achieves faster, centralized third-party risk management and compliance reporting with Prevalent

Medium Enterprise Insurance Company - Customer Case Study

Medium Enterprise Insurance Company faced mounting regulatory and cybersecurity pressures — needing to report against frameworks like GDPR, NIST 800-53, NYDFS and CCPA, strengthen third-party security, and reduce the operational burden of vendor assessments. After evaluating alternatives such as BitSight, OneTrust and RiskRecon, they selected Prevalent and deployed Prevalent’s third-party risk management solution to centralize TPRM functions, enable continuous monitoring, and streamline sharing of completed assessments and evidence.

Prevalent implemented an automated risk and compliance register, mapping capabilities to frameworks (ISO, NIST, GDPR, CoBiT 5, SSAE 18, SIG/SIG Lite, NYDFS) and a user dashboard for tasks, schedules and survey status. As a result, assessments now complete in 3–4 weeks, the company saved several days per assessment on average, and Prevalent’s differentiated capabilities helped the insurer centralize vendor risk, improve monitoring and plan to grow vendor assessments by more than 25% in the next year.