Responses Received

Generating Observations

Submitted to Vendor

Finalizing with Vendor

Question weight can be set in the Template Designer

Correct answers can be set in the Template Designer

Questions can be mandatory in the Template Designer

Dependencies between questions cannot be set in the Template Designer

Questions cannot be mandatory in the Template Designer

The SIG Lite is a company specific questionnaire

The SIG Lite is a ServiceNow developed questionnaire

The SIG Lite assesses basic levels of due diligence and provides a broad but high-level understanding about internal security controls

The SIG Lite assesses service providers that store or manage highly sensitive or regulated information

The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the portal view

The Vendor Risk Issues created and the activity and history are lost from the Vendor Assessment Portal when the associated vendor contact changes

The Vendor Risk Issues created and the activity and history will remain in the Vendor Assessment Portal even when vendor contacts change

The vendor and assessor interactions are captured in the Vendor Risk Issue record and are only visible from the platform view

Fix Scripts

Field Normalization

Import

Create issues from the assessment if necessary

Update the vendor risk score

Email the vendor

Answer questions the vendor forgot to answer

To help vendors improve their security posture and preparedness

To assess and manage the risk from interactions with vendors and third parties

To help negotiate the best possible price for a product or service from the vendor

To verify that vendors have adequate measures and processes in place to ensure profitability of vendor

Generate audit tasks for the vendor risk team

Can only be seen by the customer’s vendor risk team

Provide vendor direct access to update and respond to Issues

Can be generated on-demand or automatically due to an incorrect answer