Vendor risk waivers lets you waive vendor risks identified by automated scanning, security questionnaires, and additional evidence. As such, there are a number of places you can use as the starting point for creating a vendor risk waiver.

Waiving risks from the risk profile

You can use the Risk Profile to create a vendor risk waiver. If you are exploring a vendor’s risk profile and identify a risk you want to waive, click on the risk to expand it. Once the risk is expanded, you’ll see an option to Waive this risk.

Once you click Waive this risk, you’ll be dropped into the second step of the vendor risk waiver process, Approvals and Expiry. Select whether the waiver requires approval, provide a reason for waiving the risk, set an expiry date if applicable, and then click Confirm and next.

You’ll be taken to the final step of the process Review and complete. This step is designed to let you review the details of the new risk waiver. When you are happy with the details, click Complete.

Waiving risks from security questionnaires

You can use the Questionnaire details page to create a vendor risk waiver. When you are viewing the details of a security questionnaire, you’ll see risks identified as part of the questionnaire. If you expand a section, you’ll see the underlying risks and next to those risks you’ll have the option to waive the risk.

Once you click Waive, you’ll be dropped into the second step of the vendor risk waiver process, Approvals and Expiry. Select whether the waiver requires approval, provide a reason for waiving the risk, set an expiry date if applicable, and then click Confirm and next.

You’ll be taken to the final step of the process Review and complete. This step is designed to let you review the details of the risk waiver. When you are happy with the details, click Complete.

Waiving risks from portfolio risk portfolio

You can create a vendor risk waiver from the Portfolio Risk Portfolio (1). When you can identify a risk, clicking into it will reveal the vendors exposed to the risk (2). If you wish to waive a risk at a particular vendor, click on the vendor and then click Create a Risk Waiver (3).

Once you click Create a Risk Waiver, you’ll be dropped into the second step of the vendor risk waiver process, Approvals and Expiry. Select whether the waiver requires approval, provide a reason for waiving the risk, set an expiry date if applicable, and then click Confirm and next.

You’ll be taken to the final step of the process Review and complete. This step is designed to let you review the details of the risk waiver. When you are happy with the details, click Complete.

Waiving risks from risk waivers

You can create a vendor risk waiver from Risk Waivers which can be found under the individual vendor in the sidebar. Click Create Risk Waiver to get started.

Once you click Create Risk Waiver, you’ll be taken to the first step of the vendor risk waiver process: Select Risk. If the vendor has a lot of risks, you can filter by risk category (1) or free text (2). Once you have selected the risk (3), you can configure which assets the risk is being waived for by clicking on the arrow (4) and then selecting Only Selected (5) and then the assets (6). Once you are happy with your selection, click Confirm and next (7).

Once you click Waive this risk, you’ll be dropped into the second step of the vendor risk waiver process: Approvals and Expiry. Select whether the waiver requires approval, provide a reason for waiving the risk, set an expiry date if applicable, and then click Confirm and next.

You’ll be taken to the final step of the process: Review and complete. This step is designed to let you review the details of the risk waiver. When you are happy with the details, click Complete.

Did this answer your question?