SecurityScorecard allows you assess the compliance risk of working with 3rd parties without having to start a questionnaire process first. We do this by mapping our issue types and respective findings against the questions in a standard compliance framework.
To create a report similar to the one below shown below please follow this 3 step process:
- Get a list of supported compliance frameworks - The response will include a list of supported compliance frameworks along with their key.
- Get the mapping between SecurityScorecard issue types and a compliance frameworks using the key of the framework you are interested in.
- Use the Get Factor Level Ratings for a Company API call for a specific company to get the findings count for each issue type mapped into the compliance framework.