Versions Compared

Old Version 31

changes.mady.by.user Tristan Mohn (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Victoria Buhler (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Removed some incorrect information


Page Contents

Table of Contents
indent18px


Live Search
spaceKeyZenGRCOnboardingGuide
additionalnone
placeholderSearch our site
typepage

Overview

To edit details for an individual vendor, complete the following steps:

  1. Click Vendors in the left-hand navigation.



  2. Click the linked name of the desired vendor.



  3. Hover over the desired field. A blue pencil displays.



  4. Click the blue pencil. A dialog box displays.

             

    Info
    titleNOTE

    Selections in the dialog box differ depending upon the dropdown selection.


  5. Make the changes.
  6. Click Save.
  7. Alternatively, click Cancel to close the dialog box without saving changes.

Understanding Terminology

This section describes a few of the terms that are critical to managing a vendor's information security status.

Status

A status describes the communication status within ZenGRC between vendors and your organization.


The settings for a status include the following:

  • Added - The vendor has been added to your instance, but a survey questionnaire has not yet been sent. This displays automatically after a vendor's addition.
  • Pending Assessment - The vendor has completed the survey questionnaire and submitted it. The responses require review, and a risk rating can be set.
  • Accepted - Based on the survey questionnaire answers, the vendor is approved. You must manually set this statestatus.
  • Rejected - Based on the survey questionnaire answers, the vendor is rejected. You must manually set this statestatus.

Risk Ratings

A risk rating represents security risks your organization may encounter through business dealings. It can be set at any point, even when the vendor is first added and prior to sending a questionnaire. Based on the scores and weights you define in the setup process, ZenGRC automatically calculates your risk when vendors respond to your surveys. However, these can be manually overridden if necessary.


The settings for risk ratings include the following:

  • --- This value means the vendor is unrated.
  • Low - The vendor has a low security risk.
  • Medium - The vendor has a moderate security risk.
  • High - The vendor has a high security risk.

Actions

Actions show what step to do next. The settings for actions include the following:

Send a Survey - The vendor is added to the system. The

next

step is to send a survey. This action also displays after a vendor has been accepted or rejected so that another survey can be sent for additional assessments.
  • Sent Survey - One or more surveys have been sent to the vendor. 
    • View Surveys - One or more surveys have been returned by recipients

    .

    Adding Comments

    For each update or addition to a vendor's information, you can add comments detailing the change. The comment history is tracked, with the newest displaying below any previous comments.

    Tip
    titleTIP

    The red balloon displayed on the Vendors list view page indicates there are new comments. 




    To add a comment to a vendor, complete the following steps:

    1. Click the vendor title to open the Vendors details page.
    2. In the right pane, enter information into the Write a comment text box.

    3. Click Send.

      Info
      titleNOTE

      For instructions on sending and managing surveys, please see Questionnaires.


    Include Page
    di:RH Navigation
    di:RH Navigation