Vendor Risk Management

Inherent Risk Scoring & Vendor Classification

Determine Due Diligence Levels and Assessment Scope from Inherent Risk Scores

One of the initial key steps in onboarding a vendor is determining the level of inherent risk, as this determines the depth of due diligence the company must conduct on a vendor. Although all third-party vendors must be onboarded, they do not merit equal attention. Vendors that provide essential services, or hold sensitive data, carry a high degree of inherent risk, and must be scrutinized as such.

ProcessUnity Vendor Risk Management helps organizations to score inherent risk and determine which third parties carry meaningful risk that requires more than a cursory review, through the following:

Standardized Inherent Risk Questionnaires

ProcessUnity VRM has built-in simple, standardized questionnaires that helps to determine whether or not the vendor requires deeper due diligence, consisting of a set of internal yes/no questions in which affirmative answers add a pre-defined number of points to a risk score.

Automated Inherent Risk Intake Processes

An intelligent intake process acknowledges differences in risk that merit different degrees of review, prioritizes the vendors who require further investigation and reduces costly and time-consuming analyst input. Intake automation also helps to streamline processes, ensuring that all vendors have been properly assessed to the required level.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-functional	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Functional".
cookielawinfo-checkbox-marketing	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Marketing".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
PHPSESSID		This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
__tawkuuid	persistent	6 months	This cookie remembers you so that we can link chat conversations together to provide a better service. It expires within 6 months.
bcookie	0	2 years	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
bscookie	1	2 years	This cookie is a browser ID cookie set by LinkedIn share Buttons and ad tags.
cf_ob_info	0	1 minute	The CloudFlare service is mostly used for content distribution network (CDN) services.
cf_use_ob	0	1 minute	The CloudFlare service is mostly used for content distribution network (CDN) services.
lang	0		This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	0	1 day	This cookie is set by LinkedIn and used for routing.
lissc	0	1 year	Cookie used for Sign-in with Linkedin and/or for LinkedIn follow feature.
TawkConnectionTime	session		Cookie set by the live-chat support platform Tawk.to.

Cookie	Type	Duration	Description
__stid	0	1 year	The cookie is set by ShareThis. The cookie is used for site analytics to determine the pages visited, the amount of time spent, etc.
__stidv	0	1 year	The cookie is set by ShareThis. The cookie is used for site analytics to determine the pages visited, the amount of time spent, etc.
_gcl_au	0	2 months	This cookie is used by Google Analytics to understand user interaction with the website. All information this cookie collects is aggregated and therefore anonymous.
Google Analytics			These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site and offer visitors the best information possible. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous.

Cookie	Type	Duration	Description
_mkto_trk	0	2 years	This cookie is associated with an email marketing service provided by Marketo. This tracking cookie allows the website to link visitor behavior to the recipient of an email marketing campaign, to measure campaign effectiveness.
IDE	1	2 years	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
li_sugr	0	2 months	This cookie is a browser ID cookie set by LinkedIn when an IP address is not in a Designated Country.
u	0	2 months	LinkedIn Insight Tag, when IP address is not in a Designated Country
UserMatchHistory	0	4 weeks	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

The Undisputed Leader in Vendor Risk Management

Evaluating Third-Party Risk Management Software? Speed Up the Process with Our RFP Starter Kit

Vendor Risk Management

Inherent Risk Scoring & Vendor Classification

Determine Due Diligence Levels and Assessment Scope from Inherent Risk Scores

Standardized Inherent Risk Questionnaires

Automated Inherent Risk Intake Processes