Conduct classifications of vendors and their assets
Understanding the risk your vendors pose is critical to maintaining a secure and compliant operation. Our Vendor Management Module enables you to classify vendors based on risk levels within various compliance areas, ensuring that you can focus your efforts on managing high-risk vendors.
When your classification template is activated you're ready to add it to any relevant vendor in Privacy. Go to the menu item "Legal entities" and choose "Vendors". Now select a specific vendor from the list. On the vendor page open the tab named "Classifications".
Click the button "Add classification". Now you can select the classification templates you wish to apply to the vendor. Only active classification templates will be shown in the dropdown. You have the option to choose from the templates the administrator has created within the classifications section under settings. If you want to answer the template in relation to a specific asset provided by the vendor please select this asset (Optional). Only assets that have already been related to the vendor will appear in the dropdown. These assets are visible under the "Assets" tab on the vendor.
The chosen classifications will now appear in the list under the "Classifications" tab. Simply click "Answer classification" and you will be sent directly to the classification. When you click "Submit" the risk level and score will now be visible in the list. Also, you can see the date for submission and the user it was submitted by. In the overflow menu you can also add a note to the classification.
Based on the risk level and score you will have to take action if some of the answers doesn't match you compliance level. If more needs to be done to ensure that compliance and improvement goals are met, you can write this in the notes on the classification. Also, you can use task management to create and follow-up on tasks related to the the classification.