TPRM Enhancements

This feature is available in the New Drata Experience.

We’ve introduced several improvements to Third-Party Risk Management (TPRM) to provide greater flexibility, visibility, and control across vendor workflows.

What’s New

• Custom Questionnaire Subject Lines — Customize assessment email subject lines to improve vendor recognition and response rates.

• Expanded Email Character Limit — Provide more detailed instructions and context in initial outreach to reduce follow-up questions.

• Expanded SOC 2 Report Fields — Document more comprehensive details for findings, controls, and services without restrictive character limits.

• Enhanced SOC 2 Field Visibility — View expanded audit data for findings and controls directly within the platform.

• Expanded Password Policy Options — Define more granular vendor access requirements to align with your organization’s security standards.

• 30,000-Character Risk Descriptions — Capture complex and technical risk scenarios in a single, comprehensive entry.

• Source-Linked Tables — View the originating source of a security review directly within document tables for easier validation.

• Security Owner Filter — Quickly filter vendors by assigned security owners to streamline workflow.

These enhancements improve vendor communication, expand documentation flexibility, and provide deeper visibility into audit and risk data.