Vendor-GRC

Vendor-GRC helps ensure Vendor Managers assess all new suppliers for Governance, Risk & Compliance (GRC) obligations as part of the take-on process and periodically thereafter. When there are changes to GRC procedures or rules, all relevant Vendor Managers can be notified, training examples provided and the changes acknowledged.

With Vendor-GRC you can automate your control environment, including reporting and managing:

• Scheduled Vendor Checklists

  Ensure Vendor Managers confirm compliance with regulatory rules and management procedures, including updating the vendor risk profile, due diligence assessments and measuring the vendor against peers and expectations.

• Scheduled Vendor Manager Disclosures

  Require Vendor Managers to certify the completeness and accuracy of data reported regarding the vendor, including complaints, compensation, risks and issues.

• Scheduled Vendor Contract Checklists

  Require Vendor Managers to certify compliance with the clauses in the contract(s) and Service Level Agreements (SLAs), e.g. quality, timeliness, quantity etc.

• Vendor Issues/Actions

  Report and analyze issues regarding the vendor that require resolution. Ensure each issue/action point is assigned and resolved.

• Vendor Risk

  Ensure the risks associated with each Vendor are identified, analyzed and mapped to controls, e.g. legal jurisdiction, going concern, disaster recovery, etc.

• Vendor Compensation

  Report, manage, authorize and analyze compensation payments due to or from Vendors. Link compensation payments to Complaints and/or Operating Errors.