Vendor Risk customers can make use of UpGuard’s questionnaire library, as well as create custom questionnaires. Where relevant, risks will automatically be generated based on the vendor's questionnaires responses. By default, questionnaire recipients (vendors) will see the risk severity, risk statement and risk detail when they provide a response to the questionnaire that generates a risk.
You have the flexibility to configure how questionnaire risks are presented to recipients or remove the risk section entirely. You can change this within the Settings section.
To do this, navigate to the Questionnaires section in Settings and select your chosen setting from within the “Risk information visibility” section.
This preference is automatically saved, and applies to all questionnaires sent from that time on. You can edit this setting at any time, but it will not apply retroactively to previously sent questionnaires.
If you want to change this setting on a per-questionnaire basis, you can do this via the first step in the “Send questionnaire” process.
Hide severity
If this option is selected, risks will still be presented to questionnaire recipients, but information on that risk’s severity will be disabled.
Hide all risk information
If this option is selected, the entire risk field, including the risk detail and ability to add compensating control information will be hidden from the questionnaire recipient.