Versions Compared

Old Version 29

changes.mady.by.user Tristan Mohn (Deactivated)

Saved on

compared with

New Version 30

changes.mady.by.user Tristan Mohn (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Page Contents

Table of Contents
indent18px


Live Search
spaceKeyZenGRCOnboardingGuide
additionalnone
placeholderSearch our site
typepage

Overview

To edit details for an individual vendor, complete the following steps:

  1. Navigate to the Vendors page.



  2. Click the linked name of the desired vendor. The Vendors details page displays with information for the vendor.



  3. Hover over the desired field. A blue pencil displays.



  4. Click the blue pencil. A dialog box displays.

             

    Info
    titleNOTE

    Selections in the dialog box differ depending upon the dropdown selection.


  5. Make the changes.
  6. Click Save.
  7. Alternatively, click Cancel to close the dialog box without saving changes.

Understanding Terminology

This section describes a few of the terms that are critical to managing a vendor's information security status.

States

A state describes the communication status within ZenGRC between vendors and your organization.


The settings for a state include the following:

  • Added - The vendor has been added to your instance, but a survey has not yet been sent. This displays automatically after a vendor's addition.
  • Pending Assessment - The vendor has completed the survey and submitted it. The responses require review, and a risk rating can be set.
  • Accepted - Based on the survey answers, the vendor is approved. You must manually set this state.
  • Rejected - Based on the survey answers, the vendor is rejected. You must manually set this state.

Risk Ratings

A risk rating represents security risks your organization may encounter through business dealings. It can be set at any point, even when the vendor is first added and prior to sending a survey. Based on the scores and weights you define in the setup process, ZenGRC automatically calculates your risk when vendors respond to your surveys. However, these can be manually overridden if necessary.


The settings for risk ratings include the following:

  • --- This value means the vendor is unrated.
  • Low - The vendor has a low security risk.
  • Medium - The vendor has a moderate security risk.
  • High - The vendor has a high security risk.

Actions

Actions show what step to do next. The settings for actions include the following:

  • Send a Survey - The vendor is added to the system. The next step is to send a survey. This action also displays after a vendor has been accepted or rejected so that another survey can be sent for additional assessments.
  • Sent Survey - One or more surveys have been sent to the vendor. 

Adding Comments

For each update or addition to a vendor's information, you can add comments detailing the change. The comment history is tracked, with the newest displaying below any previous comments.

Tip
titleTIP

The red ballon displayed on the Vendors list view page indicates there are new comments. 




To add a comment to a vendor, complete the following steps:

  1. Click the vendor title to open the Vendors details page.
  2. In the right pane, enter information into the Write a comment text box.

  3. Click Send.

    Info
    titleNOTE

    For instructions on sending and managing surveys, please see Surveys. Questionnaires.


Include Page
di:RH Navigation
di:RH Navigation