Vendor Risk Management

  • Updated

With the Vendor Risk Management feature, you can assess and manage the risk of Vendors in one centralized location.

 

Overview

  • From the Vendors page, the Overview tab will give you a visual summary of 
    • Security reviews progress
    • Vendors managed 
    • Vendor discovery

Screenshot 2023-12-07 at 3.46.16 PM.png

 

Discovery

The Vendor's discovery page will detail what vendors are being utilized within your organization and the associated risk level.

From the Needs Review tab, you can choose to add or ignore vendors to your Managed Vendors list

  • Select the vendor(s) you would like to review, and choose Add or Ignore 
  • Vendors added will be visible from the Managed vendors tab

Screenshot 2023-12-07 at 3.51.11 PM.png

Procurement 

Procurement requests for new vendors can be managed from the Procurement tab.

  • To add a procurement request, select +Add procurement request
  • Provide a vendor name, category, and assign an owner
  • Complete the Additional details section 

Screenshot 2023-12-07 at 3.56.40 PM.png

  • Select Add Procurement request 

To start the review, select Start 

  • Make any necessary changes to the information and select Continue to inherent risk scoring 

Screenshot 2023-12-07 at 4.00.54 PM.png

  • Leverage the auto-risk scoring functionality or manually input Risk attributes 
  • Begin the security review 

Screenshot 2023-12-07 at 4.02.57 PM.png

Security Reviews 

  • Click on the vendor you would like to start the security review for
  • Request documents from the Vendor by selecting Request documents and using the security review private link functionality or Upload the documents manually

Screenshot 2023-12-07 at 4.06.20 PM.png

 

  • Continue to add findings and add any additional information 
  • Make a final decision
    • Approved
    • Conditionally approved 
    • Not approved 
  • Mark Review as complete 

Screenshot 2023-12-07 at 4.08.31 PM.png