How to Manage the Vendor Risk Lifecycle
Prerequisites
At least one vendor in the system
Access to the vendor's Manage Risk tab
Accessing Vendor Risk Management
Navigation: Sidebar → Vendors → [Select Vendor] → Manage Risk Tab
Click on a vendor to open their details page.
Navigate to the Manage Risk tab.
Existing risks are displayed as category cards with severity indicators.
Creating a New Risk
Click the Add Risk button on the Manage Risk tab.
Fill in the risk details:
Risk Name — descriptive name for the vendor risk
Description — detailed explanation
Assignee — user responsible for managing this risk
Due Date — target resolution date
Click Submit to create the risk.
Risk Lifecycle Stages
Stage 1: Risk Initiation
Review the risk details (name, description, owner, due date).
Add context, linked documents, or related notes.
Proceed to the next stage when initiation is complete.
Stage 2: Risk Scoring
Evaluate the risk's likelihood and impact.
The system calculates a combined risk score.
This score determines the risk's severity category and priority.
Stage 3: Risk Management
Define the treatment strategy (mitigate, accept, transfer, avoid).
Upload risk evidence documenting treatment actions.
View and manage evidence documents with the evidence upload panel.
Create follow-up tasks for specific remediation actions.
Attach private documents visible only to your internal team.
Stage 4: Risk Closure
Document the resolution summary and outcome.
Confirm closure to complete the risk lifecycle.
Closed risks are retained for audit trail purposes.
Linking Unlinked Documents
If documents exist that should be associated with a risk, use the Link Document option.
Select from unlinked documents in the vendor's document library.
Troubleshooting
| Issue | Solution |
|---|
| Cannot create a risk | Verify your role has Risk Create permission. |
| Cannot proceed to next stage | Complete all required fields in the current stage first. |
| Evidence upload fails | Check file format and size limits. |
| Risk score not calculating | Ensure both likelihood and impact values are entered in the Scoring stage. |
Related Articles
How to Send Risk Assessments to Vendors
Prerequisites At least one vendor with identified risks in the Manage Risk tab Access to the vendor's risk section Sending Risks to a Vendor Navigation: Sidebar > Vendors > [Select Vendor] > Manage Risk Tab Step 1: Select Risks to Send Open a ...
How to Manage Vendor Categories
Prerequisites Access to the MasterVault section Accessing Vendor Categories Navigation: Sidebar > MasterVault > Categories Click MasterVault in the sidebar. Navigate to the categories section within MasterVault. You will see the list of existing ...
How to Review Vendor Risk Scores
Prerequisites At least one vendor with a completed assessment Access to the vendor risk section Viewing Vendor Risk Scores Navigation: Sidebar → Vendors → [Select Vendor] → Risk Tab Step 1: Open Vendor Risk Details Click Vendors in the sidebar. Click ...
How to Generate Vendor Risk Reports
Prerequisites At least one vendor with assessment data Access to the Reports section Generating a Report Navigation: Sidebar → Reports Step 1: Open Reports Click Reports in the sidebar. The Reports page shows available report options and previously ...
How to Add a Vendor
Prerequisites Access to the Vendors section Vendor name and domain information (Optional) Business owner details, industry classification, and tier information Adding a Single Vendor Navigation: Sidebar → Vendors → Add Vendor Step 1: Vendor ...