Use this guide to get started in Vendor Risk and get the most out of this part of the UpGuard platform. We'll run through each module and link you to resources to learn more about them.
The UpGuard Vendor Risk section of the Executive Summary provides an overview of the cybersecurity posture of your vendors. This includes your average vendor score, distribution of vendor scores, highest and lowest scoring vendors, and more. You can also customise this report, apply filters, and export it to a PDF file.
Portfolio Risk Profile
The Portfolio Risk Profile summarizes all identified risks found across all of your monitored vendors and allows you to request remediation for specific risks. Each identified risk includes a severity, name, risk type, category, and the number of vendors impacted. Learn more about how to use the Portfolio Risk Profile.
The Vendors module gives you an overview of all of your monitored vendors, and also lets you find, monitor, and remove them from your list. You can also click on a monitored vendor for a summary of their security posture. Learn more about the Vendors module and start adding your vendors.
The Vendor Risk platform allows you to request remediation for specific web security risks from your monitored vendors. Once you have requested remediation, you can view your current requests in the Remediation module. Learn how to request remediation from your vendors.
The Questionnaires module allows you to see all security questionnaires that you have sent to your vendors, their due dates, status, risks detected, and more. Learn how to send a security questionnaire to your vendors.
UpGuard has a range of different security questionnaires available in the Questionnaire Library. In this module, you can view the complete list of available questionnaires, and choose to enable, disable, or preview them, and set custom titles. Learn more about each questionnaire in the library here.
Shared With Me
The Shared With Me module allows companies to proactively publish information about their security posture on their Shared Profile. You'll be able to see any shared profile information for your monitored vendors in this section.
The Concentration Risk module helps you understand your fourth party risk exposure by highlighting your fourth parties' security ratings, number of products, and number of your vendors using them. You can find more information about understanding your concentration risk here.