The Supplier Shield platform · now inside Acuna GRC

Manage third-party risk —
without the complexity.

Still managing vendor risk in spreadsheets? Acuna GRC is the Swiss-built platform that brings TPRM, privacy, business continuity, enterprise risk, internal audit, and compliance frameworks into one place — with Aiko, an AI agent that works directly on your GRC data. The Supplier Shield TPRM module is part of it.

FromCHF5'388/ year
● Hosted in Switzerland & EU
AcunaAcunaADMIN
ComplyImplementOperateAssurePrivacyTPRM
⌕ Search...

Implement

Implementation progress and metrics

KPI-D08 ↗
Control Effectiveness
On Target
Quarterly↗ Higher is better
KPI-001 ↗
Measure maturity
On Target
Monthly↗ Higher is better
KPI-D06 ↗
Access Review Rate
Off Target
94%
Target 95% (99%)
Quarterly↗ Higher is better
KPI-002 ↗
Measures maturity
Off Target
Weekly↗ Higher is better
© 2026 ABILENE GROUP S.A.v0.0.5
§ Trusted byPublic sector · Health · Finance · NGOs
GaviGroupe REtat de GeneveGold StandardThe Global FundAbilene AdvisorsBanco InvestUNICCCPEGNovartisAirbusSAPNestleRichemontGaviGroupe REtat de GeneveGold StandardThe Global FundAbilene AdvisorsBanco InvestUNICCCPEGNovartisAirbusSAPNestleRichemont
§ First time here?

Two names. One platform.

Acuna GRC

The full platform.

Acuna GRC is the Swiss-built operating system for governance, risk, and compliance. Six modules, including Supplier Shield TPRM, plus Aiko.

Supplier Shield

The TPRM cloud platform.

Supplier Shield is the third-party risk management cloud platform — vendor inventory, risk tiering, adaptive assessments, evidence library, findings, and audit-ready reports.

§ Why teams pick the TPRM module

Built for compliance.
Designed for humans.

§ PILLAR 01

Regulatory compliance

Regulations? CMMC, ISO 27001, FINMA, GDPR, DORA, NIS2, ESG, SOC 2, NIST, and more, mapped automatically.

50+
frameworks supported
§ PILLAR 02

No more 200-question forms

Adaptive questionnaires built by compliance experts so vendors answer once and frameworks reuse responses.

−68%
questions per assessment
§ PILLAR 03

Fast to deploy, easy to use

Bring clarity and control to third parties with a user-friendly platform, account in 3 minutes.

3 min
to first vendor imported
§CMMC§ISO 27001§ISO 27701§FINMA§GDPR§DORA§NIS2§ESG§SOC 2§GPSR§NIST CSF§NIST 800-53§Swiss FADP§PCI DSS§HIPAA§HITRUST§CCPA§TIBER-EU§ENS§CRA§CMMC§ISO 27001§ISO 27701§FINMA§GDPR§DORA§NIS2§ESG§SOC 2§GPSR§NIST CSF§NIST 800-53§Swiss FADP§PCI DSS§HIPAA§HITRUST§CCPA§TIBER-EU§ENS§CRA
§ How it works

Five steps from sign-up
to a board-ready report.

Step 01 · Account in 3 minutes

Onboarding.

Create your tenant. Import your supplier list, manual, CSV, or API. Optional: categorise and map suppliers for a clearer view from day one.

  • Manual / CSV / API import
  • Vendor categorisation
  • Org-tree mapping
§ The flow

One path. Five stages.

INPUTVendor listCSV / API / manualTIERRisk tieringAuto + manualASSESSAssessmentSELF or PROEVIDENCEEvidenceSOC, ISO, …OUTPUTFindingsTickets · reports
Meet Aiko · Inside Acuna

Agentic AI in your
GRC data.

Aiko works directly inside your GRC context to help you move from questions to decisions faster — across frameworks, controls, evidence, risks, and deadlines.

Aiko
Which vendors are non-compliant with DORA art. 28?
Found 7 vendors. 3 critical, 4 medium. Drafting remediation tickets, assign to risk owner?
§ And more automations inside Acuna

The boring work,
handled.

§ AUTO 01

Auto-tier new vendors

Aiko proposes risk tier from criticality, data access, and scope; you approve or override.

§ AUTO 02

Evidence renewal watch

Expiring evidence is detected and request drafts are generated automatically.

§ AUTO 03

Regulatory mapping

New obligations are auto-mapped and draft gap reports prepared for review.

§ AUTO 04

Findings → tickets

Failed controls become Jira/ServiceNow tickets with owner, SLA, and traceability.

§ AUTO 05

Board-ready summaries

Quarterly risk packs are drafted from live data with clear narrative and exceptions.

§ AUTO 06

Cross-module evidence

Upload evidence once and reuse across TPRM, audit, privacy, and BCM modules.

§ Why we moved to Acuna

Supplier Shield is now one of six modules
inside Acuna.

Most TPRM problems do not stop at TPRM. We moved Supplier Shield into Acuna to unify privacy, BCM, ERM, and audit with shared evidence and reporting.

See platform pricing
TPRM
Supplier Shield
BCM
Business Continuity
ERM
Enterprise Risk
PRIVACY
Data Protection
AUDIT
Internal Audit
COMP
Frameworks
§ FAQ

Frequently
asked
questions.

01What is Supplier Shield's Cloud Platform?+

Supplier Shield is the third-party risk management capability that now lives inside the Acuna GRC platform. Same product, same Swiss hosting, same team.

02Is Supplier Shield still its own product?+

Supplier Shield is moving to Acuna. New customers buy Acuna; existing Supplier Shield customers migrate at no additional cost.

03How does it simplify TPRM?+

A user-friendly platform aligned with DORA and NIS2. Adaptive questionnaires reduce unnecessary vendor effort.

§ Seamless TPRM compliance

"Did you know that, according to PwC, 60% of companies faced supply chain disruptions last year — and 55% struggled with poor supplier visibility?"

Less risk, more confidence

See Supplier Shield, live.

A 30-minute walkthrough of the TPRM module inside Acuna. Bring a vendor list and we import it during the call.

Supplier Shield Cloud Platform - Solution | Supplier Shield