Defense add-on · Included in Enterprise

Clean at onboarding isn’t clean today

Sanctions and restricted-party lists change constantly. Continuous Workforce & Vendor Screening re-checks your employees, contractors, and vendors every night — and on demand — so a new match becomes a reviewable case and one clear alert, not a surprise in your next assessment.

People and vendors get screened once at onboarding, then the lists change and nobody re-checks.
Spreadsheet-driven periodic reviews are slow, inconsistent, and hard to evidence in an assessment.
Alert floods get ignored; silence gets audited. Compliance teams need one clear signal per run.

What you get

Every night

Automatic re-screening

Right now

One-click rescreen

On a match

Human-reviewed case

For the file

PII-safe run reports

How it works

From roster to reviewable evidence in four steps

The module runs on the platform’s existing screening engine and adjudication workflow — the same pipeline, the same decision standards, applied continuously to your own people and vendors.

Import the roster once

Upload employees, contractors, and vendors from CSV or sync via API. Re-uploads match against existing records — preview every change before it commits, nothing is duplicated or deleted.

Re-screen every night

A scheduled engine re-checks every active subject against current restricted-party list data. Need an answer now? Rescreen now runs the identical pipeline on demand, org-wide or per subject.

A new match opens a case

Hits route into the same adjudication workflow as the rest of the platform. A reviewer decides — with a required reason code. The system never blocks or revokes access on its own.

One alert, evidence on demand

A run with hits sends exactly one digest email to your alert recipients; a clean run sends nothing. Every run exports a PII-safe CSV report for your compliance file.

Built for compliance teams

Guardrails first, then convenience

This module makes sanctions-adjacent decisions for defense customers, so the safety posture is the product: humans decide, data stays minimal, access fails closed, and every action leaves an audit record.

On-demand rescreen

A Rescreen now control on the dashboard — organization-wide or per subject — so a new hire or a list update never waits for the nightly cycle.

Human-reviewed decisions

Every hit is adjudicated by a person with a required reason code. There is no auto-clear and no auto-block anywhere in the module.

PII-safe evidence exports

Hits store a hash of the matched name, never the raw name. Alert emails and per-run CSV exports carry counts and identifiers only.

Append-only audit timeline

Imports, runs, hit decisions, and policy edits are recorded in an append-only, PII-free audit trail built for compliance review.

API roster sync

Scoped API keys let your HRIS or vendor-management tooling push roster changes and pull hits without touching the dashboard.

Fail-closed by design

Tenant-isolated at the database layer and plan-gated with monitored-subject limits. Unknown or errored entitlement state denies access — never grants it.

Where it fits

One control inside your compliance program

No regulation names “nightly roster re-screening” as a control — and we won’t claim one does. What continuous screening gives you is the ongoing diligence and the records behind the requirements you do carry:

Supports the personnel-security screening practices behind NIST SP 800-171 — PS.L2-3.9.1 expects individuals to be screened before accessing systems with CUI, and continuous re-screening keeps that diligence current instead of frozen at hire date.
Functions as an internal control in an OFAC-style sanctions compliance program: screening, disposition with recorded rationale, and recordkeeping — the evidence of reasonable care.
Produces the artifacts an assessor asks for: dated run reports, per-hit decisions with reason codes, and an append-only audit trail.

SecurePoint is a screening and decision-support tool. Compliance is a program you run; this module is one control inside it, and it is built to prove that control worked.

Pricing

$99/org/month

Workforce & Vendor Screening add-on on the Defense plan. Included in the Enterprise tier.

Roster import and API sync
Nightly + on-demand re-screening
Hit adjudication with required reason codes
One digest alert per run with hits
PII-safe run report exports
Monitored-subject limit per plan or contract
See full pricing

Continuous Workforce & Vendor Screening — FAQ

Does it ever block or revoke anyone’s access automatically?

No. A new match opens a case for a human reviewer, and closing it requires a recorded reason code. The system flags and alerts; people decide. There is no automated block or lockout path anywhere in the module.

Is continuous re-screening required by CMMC or ITAR?

No named CMMC control or ITAR clause mandates continuous roster re-screening, and we won’t tell you otherwise. What it does is support the personnel-security screening practices behind NIST SP 800-171 and the internal-controls pillar of a sanctions compliance program — screening against current list data, dispositioning every hit, and keeping the records that demonstrate reasonable care. SecurePoint does not certify customer compliance.

Which lists are subjects screened against?

The same screening engine that powers the rest of the platform: OFAC SDN and consolidated sanctions data, the BIS Entity List, and other US restricted-party lists, refreshed on an ongoing basis with list-version records per screen.

How do alerts work? Will my inbox get flooded?

One email per run that finds hits, sent to the alert recipients on your policy (or your compliance managers as a fallback). It carries counts and a dashboard link — no personal data. A clean run sends nothing.

How is it priced?

It ships as the Workforce & Vendor Screening add-on: $99 per organization per month on the Defense plan, included in the Enterprise tier, with a monitored-subjects limit set by your plan or contract.

How is this different from the Third-Party Integrity Monitor?

This module is restricted-party re-screening of your own workforce and vendor roster against sanctions and denied-party lists. The Third-Party Integrity Monitor is a separate add-on focused on integrity signals — adverse media, enforcement, and supplier-risk context — for third parties and intermediaries. Many defense customers run both.

See it on your roster

Find out what changed since onboarding

Bring a roster to the demo. We’ll import it, screen it, and walk the hit-review workflow end to end — the same flow your compliance team would run every day.

Continuous Workforce & Vendor Screening for Defense Contractors | SecurePoint USA