To request remediation from someone at your organization, click on Remediation under VENDOR RISK in the sidebar. Your screen should look similar to below. From here you’ll want to click Request remediation.
Clicking Request remediation will take you to the first step in our vendor remediation workflow which lets you select the vendor you want to request remediation from. Select the vendor and then click Confirm and next.
Clicking Confirm and next will take you to the Select risk type step, which allows you to choose between automated scanning and questionnaire-based risks. If you haven’t sent a questionnaire to the vendor, you’ll only be able to select automated scanning risks. Please read our article on how to send a vendor a security questionnaire for more information.
Select the risk type you want to remediate then click Confirm and next.
Clicking Confirm and next will take you to the Select risks and assets step. This step lets you add the risks and assets you want to associate with the remediation request.
If you would like to remediate a risk at a specific domain, click on the corresponding row to expand it (1). This will display all the domains that have the risk. You can also filter the list by using the risk category selector (2) or search bar (3). By default, the most severe risks appear first.
In the example below, I’ve chosen to add the ‘SIP’ port open, SSL not available, and DMARC policy not found risks. Once you are happy with your selection, click Confirm and next.
Clicking Confirm and next will take you to the Review and send step where you will need to select a vendor contact or enter their name and email address. You can also set a due date and reminder date or edit the title and message sent to the recipient(s) on this screen. When you’re ready, click Submit request.
Now that the request has been created, you’ll be able to track its progress in the remediation requests table.