Learn how UpGuard can help you waive risks identified through automated scanning, questionnaires, and more.
Vendor risk waivers let you waive vendor risks identified by automated scanning, security questionnaires, and additional evidence. Once a risk is waived, it will stop appearing in your vendor’s risk profile and the security rating for the vendor displayed to you will be recalculated. Note that this will only impact the score shown to your organization, not the public security rating for the vendor.
This feature is particularly useful for risks identified through security questionnaires. When you send a questionnaire through the UpGuard platform, we automatically identify risks based on the answers provided by your vendor and then ask for compensating control information. You can learn how to send a security questionnaire here.
If a vendor provides adequate compensating control information and you believe that the risk that was raised is no longer valid, you could decide to waive the risk.
See also: