Review VRM tiering assessment responses

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 1 min. de leitura

    • Starting with GRC: TPRM version 15.0.0, risk tiering is a legacy process that you do not need to perform. Instead, use the IRQ process in the Vendor Management Workspace.

    Antes de Iniciar

    Role required: sn_vdr_risk_asmt.vendor_assessor

    Por Que e Quando Desempenhar Esta Tarefa

    The more complete IRQ process replaces tiering.

    Importante:

    In the TPRM application, the IRQ is an internal questionnaire that improves the original tiering assessment process. IRQs enhance internal risk assessments with increased flexibility, control, and scalability. Unlike a tiering assessment where external questionnaires are determined solely by the risk tier, an IRQ can dynamically trigger external questionnaires based on both respondents' answers and risk tier.

    To enable a seamless transition to TPRM, you have the option to duplicate existing tiering assessments and designate them as IRQ internal assessments. Risk tiering is supported as an unchanging legacy process.

    The TPR assessor can view risk tiering assessment responses after the internal stakeholders have submitted their assessment and adjust the scoring appropriately.

    Procedimento

    1. Use either of the following methods to start the process:
      • In the Vendor Management Workspace, select the list icon and then navigate to Tiering risk assessments > Open assigned to me.
      • Navigate to All > Third-party Risk Management > Tiering Assessments > My Open Assessments.
    2. Review, add, or change responses, as necessary.