Version 3.1 Release Notes (Vendor Risk)

Note: The following features are not added to Vendor Risk Management by default. For information on adding these features to your version of the app, contact your CSM.

New Features

Point in Time Reporting

  • With the new Point-in-Time reporting feature, users can view historical information in reports in order to compare and contrast against information from previous timeframes. For instance, a vendor team can easily compare a vendor assessment's summary report with the previous year's report. Admins can enable this feature from the Configure Filters palette when editing a report.

IT Risk Management Integration

  • Users in the Vendor Team user group can now link vendor engagements to an information asset from the IT Risk Management app. This will increase visibility between the two apps and give users more detailed information about their vendors and the assets they provide. 

    • The attached information assets can be viewed in the new Critical Assets by Vendor Engagement Overview report.

Assessment Scoping Improvements

  • The Vendor Assessment form has been enhanced to better support scoping exercises.  When the vendor team is scoping an assessment, instructions will be visible to walk them through the process.  After scoping, the instructions will be replaced with a tabular view of the scope for simple reference. This will reduce confusion on users and make the scoping process easier overall. 

In-App Alerts

  • Users in the Vendor Team user group will have access to a new Alert Management activity. This will allow Resolver's content team to provide customers subscribing to vendor questionnaire content with vital news and updates. This lets the vendor team know when new updates are available and allows plenty of time to plan how to leverage them.

Miscellaneous Improvements

  • We have made the following adjustments to user groups:

    • The Vendor Contact user group has been renamed to Vendor Contact (Limited User).

    • The Assessee user group has been renamed to Assessee (Limited User).

  • Members of the Issue Owner user group will have read-only access to vendor assessments in the following workflow states: 

    • Planning

    • Submitted to Vendor

    • Review

    • Remediation Required

    • Approved

  • Administrators can now archive and review the following object types:

    • Vendor Assessments

    • Issues

    • Alerts

    • Vendor Questionnaires