Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Page Contents
Table of Contents | ||
---|---|---|
|
Live Search spaceKey ZenGRCOnboardingGuide additional none placeholder Search our site type page
Overview
To edit details for an individual vendor, complete the following steps:
- Navigate to the Vendors pageClick Vendors in the left-hand navigation.
Image Removed
Image Added - Click the linked name of the desired vendor. The Vendors details page displays with information for the vendor.
Image Removed
Image Added - Hover over the desired field. A blue pencil displays.
Image Removed
Image Added - Click the blue pencil. A dialog box displays.
Info title NOTE Selections in the dialog box differ depending upon the dropdown selection.
- Make the changes.
- Click Save.
- Alternatively, click Cancel to close the dialog box without saving changes.
Understanding Terminology
This section describes a few of the terms that are critical to managing a vendor's information security status.
StatesStatus
A state status describes the communication status within ZenGRC between vendors and your organization.
Image Removed
Image Added
The settings for a state status include the following:
- Added - The vendor has been added to your instance, but a survey questionnaire has not yet been sent. This displays automatically after a vendor's addition.
- Pending Assessment - The vendor has completed the survey questionnaire and submitted it. The responses require review, and a risk rating can be set.
- Accepted - Based on the survey questionnaire answers, the vendor is approved. You must manually set this statestatus.
- Rejected - Based on the survey questionnaire answers, the vendor is rejected. You must manually set this statestatus.
Risk Ratings
A risk rating represents security risks your organization may encounter through business dealings. It can be set at any point, even when the vendor is first added and prior to sending a survey. Based on the scores and weights you define in the setup process, ZenGRC automatically calculates your risk when vendors respond to your surveys. However, these can be manually overridden if necessary.
Image Removedquestionnaire.
Image Added
The settings for risk ratings include the following:
- --- This value means the vendor is unrated.
- Low - The vendor has a low security risk.
- Medium - The vendor has a moderate security risk.
- High - The vendor has a high security risk.
Actions
Actions show what step to do next. The settings for actions include the following:
- Send a Survey - The vendor is added to the system. The next step is to send a survey. This action also displays after a vendor has been accepted or rejected so that another survey can be sent for additional assessments.
- Sent Survey - One or more surveys have been sent to the vendor.
Adding Comments
For each update or addition to a vendor's information, you can add comments detailing the change. The comment history is tracked, with the newest displaying below any previous comments.
Tip | ||
---|---|---|
| ||
The red ballon balloon displayed on the Vendors list view page indicates there are new comments. |
To add a comment to a vendor, complete the following steps:
- Click the vendor title to open the Vendors details page.
- In the right pane, enter information into the Write a comment text box.
Click Send.
Info title NOTE For instructions on sending and managing surveys, please see Surveys. Questionnaires.
Include Page | ||||
---|---|---|---|---|
|