Editing vendor information

From the left menu, select Vendors.

Select the Vendors tab.

Select the vendor whose information you want to edit.

Edit any or all of the following:

1. Vendor name - Mouse over the vendor name to change it.

2. Category - The classification the vendor belongs in, e.g. Security.

   Tip

   To remove a category from the list, you must remove it from all vendors. Once the category is not associated with any vendors, it no longer appears in the list. For example, if you have a 'Security' category, and change all of the vendors assigned to that category to a new category, e.g. 'Safety', 'Security' is automatically removed from the list.

   Tip

   To fix a typo in the list of categories:

   1. Select the vendor that belongs to the category with the typo.

   2. In the right pane, mouse over Category and then click the Edit icon.

   3. Click Add a new category. Create the new category.

      The vendor is automatically assigned to the new category and the misspelled category is removed from the list.

      Note that these steps must be done for all vendors with the misspelled category.

3. Status - The vendor’s standing in your organization.

4. Owner - The individual in your organization responsible for the vendor. Note that only administrators and compliance managers or users with manager permissions can change the owner.

5. Vendor contact - Your point of contact (or contacts) for the vendor.

6. Contract start and end dates - The length of your contract with the vendor.

7. Risk level - The level of risk the vendor poses to your organization. Note that the risk level is calculated from assessed risk and control mitigation via questionnaires and can be overwritten.

8. Tolerance -

   Vendor health is calculated by comparing the risk level to the tolerance. If the risk level is less than or equal to the tolerance, the vendor is 'Healthy'. If the risk level is greater than the tolerance, the vendor is 'Critical'. If either value is not set, the vendor is 'At risk'.