Set up internal questionnaire responses to automatically attach external questionnaires to assessments

  • Release version: Washingtondc
  • Updated January 30, 2025
  • 1 minute to read

    • Set up an internal questionnaire's responses to automatically attach questionnaires to external assessments that are based on the responses, the calculated risk tier, or both by using Third-party Risk Management. By setting up this configuration, you can help to improve your ability to respond to risk tier changes and internal questionnaire responses.

    Before you begin

    Role required: admin or sn_vdr_risk_asmt.vendor_risk_admin

    About this task

    You can set up questionnaires to be automatically added to external assessments based on responses to an internal questionnaire, calculated risk tiers, or both. Risk tiers are determined based on the responses collected after an inherent risk assessment is completed. You can configure whether the risk tier that is used to automatically attach a questionnaire is calculated after the inherent risk questionnaire (IRQ) is completed or for the engagement as part of its inherent risk assessment. For more information on risk tiers, see Third-party risk tiering assessments — Legacy process.

    Procedure

    1. Navigate to All > Third Party Risk Management > Assessment Setup > Questionnaire Templates.
    2. Select the internal questionnaire template that you want to use.
      Note:
      The questionnaire must have the IRQ template classification.
    3. Select the Metric Categories related list, the category name, and then select the question from the Assessments Metrics related list that you want to configure.
      For more information on the different types of questions and how to define them, see Define a question.
    4. Add a configuration to the Questionnaires related list by selecting New.
    5. On the form, fill in the fields.
      Table 1. Question to Questionnaire Form
      Field Description
      Question Type of question in the questionnaire that you’re configuring. For example, it could be a choice or string question.
      Answer Answer that results in the questionnaire to be attached to the external assessment.
      Tier Risk tier that results in the questionnaire to be attached to the external assessment.
      Tier from level

      Level at which the referenced risk tier is calculated: IRQ assessment or Engagement.

      For example, if the risk tier that is calculated during the inherent risk questionnaire assessment matches what you selected for the Tier field, the questionnaire is attached to the external assessment.
      Questionnaire

      Questionnaire that is attached if the requirements that are defined by this form are met.
      Applies to Type of external assessment that the questionnaire is attached to.
    6. Select Submit.