How to Send Risk Assessments to Vendors
Prerequisites
At least one vendor with identified risks in the Manage Risk tab
Access to the vendor's risk section
Sending Risks to a Vendor
Navigation: Sidebar > Vendors > [Select Vendor] > Manage Risk Tab
Step 1: Select Risks to Send
Open a vendor's detail page.
Navigate to the Manage Risk tab.
Browse the list of risks for this vendor.
Select the risks you want to send to the vendor using the checkboxes or selection mechanism.
You can select multiple risks for batch sending.
Step 2: Send Selected Risks
Click the Send Risks button.
The selected risks are packaged into a risk assessment and sent to the vendor's SPOC.
The vendor receives an email notification with a link to the risk assessment portal.
What the Vendor Sees
When the vendor clicks the link and logs in via OTP:
They see a list of risk cards — each showing a risk that needs their attention.
For each risk, the vendor can:
View the risk details — description, severity, and what is expected
Provide a response strategy — describe how they plan to address the risk
Upload evidence — attach documents proving remediation actions
Add comments — communicate with your team about the risk
Once all risks are addressed, the vendor clicks Submit to finalize their responses.
Reviewing Vendor Risk Responses
After the vendor submits:
Return to the vendor's Manage Risk tab.
Open the risk entries that were sent.
Review:
The vendor's response strategy
Uploaded evidence documents
Comments from the vendor
Update the risk status (move through the risk lifecycle stages) based on the vendor's response.
How This Differs from Questionnaire Assessments
| Feature | Questionnaire Assessment | Risk Assessment |
|---|
| What is sent | A template with questions | Specific identified risks |
| Vendor action | Answer questions | Provide remediation strategy + evidence |
| Purpose | Evaluate vendor's compliance posture | Get vendor response to specific risk findings |
| Template required | Yes (from MasterVault) | No — uses existing risk entries |
Troubleshooting
| Issue | Solution |
|---|
| Cannot send risks | Verify your role has Risk Send permission. Ensure risks are created and selected. |
| Vendor did not receive the link | Check the vendor's SPOC email address. Verify the email was not caught by spam filters. |
| Vendor cannot log in | The vendor uses OTP-based authentication. Ensure they are entering the correct email address. |
| Vendor responses not visible | The vendor must click Submit to finalize. Check if the risk assessment status shows as submitted. |
Related Articles
How to Send and Track Questionnaires
Prerequisites At least one vendor added to the platform At least one assessment template created in MasterVault Access to the vendor's detail page Creating and Sending an Assessment Navigation: Sidebar → Vendors → [Select Vendor] → Assessments Step ...
Vendor Assessment Portal Guide (For Vendors)
Prerequisites An assessment invitation email from the requesting organization Access to the email address registered as SPOC Logging In to the Assessment Portal Step 1: Open the Invitation Link Check your email for the assessment invitation. Click ...
How to Collaborate on Assessments
Prerequisites An existing assessment for a vendor Access to the vendor details page Team members added to the platform (for internal collaboration) Internal Collaboration Assigning Team Members Navigation: Vendor Details → Teams Tab Open the vendor's ...
How to Review Vendor Risk Scores
Prerequisites At least one vendor with a completed assessment Access to the vendor risk section Viewing Vendor Risk Scores Navigation: Sidebar → Vendors → [Select Vendor] → Risk Tab Step 1: Open Vendor Risk Details Click Vendors in the sidebar. Click ...
How to Generate Vendor Risk Reports
Prerequisites At least one vendor with assessment data Access to the Reports section Generating a Report Navigation: Sidebar → Reports Step 1: Open Reports Click Reports in the sidebar. The Reports page shows available report options and previously ...