Third-party Risk Management

  • Release version: Xanadu
  • Updated July 31, 2025
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Third-party Risk Management

    The ServiceNow® GRC: Third-party Risk Management (TPRM) application helps organizations proactively identify, assess, and mitigate risks associated with their third-party relationships. It centralizes the management of third-party portfolios, risk assessment, scoring, and remediation to protect organizational interests and ensure compliance.

    Key Features

    • Risk Assessment and Monitoring: Identify and continuously monitor potential risks linked to third parties, using questionnaires and due diligence processes.
    • Due Diligence Requests: Request and manage third-party risk due diligence to evaluate engagement risk levels.
    • Approval Workflows: Configure approval levels and rules to approve or reject due diligence requests based on assessment results.
    • Contract Risk Management: Incorporate specific contractual provisions to mitigate identified risks during contract negotiations.
    • User Interfaces: Utilize both the Smart Assessment Engine and the legacy Vendor Risk Management (VRM) classic UI to perform risk tasks.
    • Digital Resilience Registers: Maintain registers of ICT third-party service provider contracts within the Vendor Management Workspace.
    • Risk Intelligence Integration: Manage, request, and integrate risk intelligence reports and scores from external providers to gain insights into third-party trustworthiness.
    • Third-party Portal: Facilitate communication by enabling third-party contacts to respond to questionnaires, provide documentation, and address tasks and issues.

    Implementation and Integration

    • Activate or upgrade TPRM by downloading it from the ServiceNow Store and configuring it to meet organizational needs.
    • Extend TPRM capabilities by integrating with other ServiceNow applications and external risk intelligence providers.
    • Transition from the Classic Assessment Engine to the Smart Assessment Engine to leverage enhanced features and updated setup requirements.

    Support and Resources

    • Access detailed reference materials covering tables, properties, forms, and roles within the TPRM application.
    • Engage with the GRC community for questions and peer support.
    • Utilize the Known Error Portal for troubleshooting known issues.
    • Explore developer resources for app building and contact Customer Service for additional assistance.

    The ServiceNow® GRC: Third-party Risk Management (TPRM) application enables you to proactively identify, assess, and mitigate risks that are associated with your third-party relationships. TPRM provides a centralized process for managing your portfolio of third parties, assessing and scoring risk, and performing remediation.

    Get started

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release note information for all released apps, see the ServiceNow Store version history release notes.

    Troubleshoot and get help