There’s huge pressure on organisations to manage their own governance, risk and compliance (GRC). As well as this, you have the near impossible task of tracking and auditing your supply chain. Increasingly, your vendors become more complex and change over time, making it even more difficult to manage.
Your supply chain is vulnerable to various disruptions. These potential disruptions – whether economical or man-made – can cause uncertainties and huge risk to your business. Your organisation probably has a process in place to manage supply chain GRC. This will help to minimise the impact on your financial strategy and profitability. Despite this, we ask the question, how efficient is your vendor management process?
Are you currently using endless Excel spreadsheets to centralise your requirements for your supply chain? Perhaps you have templates of questions that are sent out to vendors on a regular basis, with each needing changes every time you introduce a new compliance requirement.
This common practice may seem like the only route to managing your vendors, but there are more efficient solutions.
How can the SYNERGi GRC platform help?
- Detect the risks – Complete questionnaires with vendors to determine what risks there may be e.g. Lack of sufficient malware protection.
- Analyse the impact – Enter specific details into the system to calculate the potential risk impact. E.g. Could supplies and/or finances be impacted if the risk materialises?
- Make a plan – Once you have detected risks and analysed the impact, the SYNERGi GRC platform helps you prioritise the most important risks. This allows you to set remedial actions with your colleagues and vendors to rectify the issue.
- Monitor – Use the dashboard overview to easily track and manage your suppliers over time.
This key functionality in SYNERGi is supported significantly by the new Questionnaire Repository function.
What is the ‘Questionnaire Repository’?
The latest version of SYNERGi contains the new “Questionnaire Repository”, which is part of the Vendor Management module.
The Vendor Management solution enables organisations to fully automate their vendor and risk assessment processes, allowing you to:
- Give your compliance teams a complete overview of supplier risk so that they can focus their efforts where it’s needed most.
- Capture existing third-party data and gain a complete picture of your vendor GRC landscape, straight out-of-the-box
- Easily track your vendors and ensure they stay compliant with ever-changing security standards
- Quickly and easily process and validate all new suppliers or contractors
The Questionnaire Repository, specifically, is a module that provides you with a dashboard, a questionnaire library and a response and settings section. This functionality has been introduced to SYNERGi to allow IRM’s clients to quickly and easily ask the important questions to gain insight into the compliance of their vendors.
The Repository allows you to choose from a range of template questions, or create your own surveys from scratch. Once questions are crafted with the user-friendly questionnaire-builder, SYNERGi allows you to easily send out the surveys to the appropriate vendors.
With the ability to set up automatic follow-up emails and reminders, SYNERGi ensures that your vendors are reminded of questionnaires that are upcoming or overdue. This ensures your organisation gains the required information to conduct necessary audits.
Once all the questionnaire answers have been collated, responses are shown in a useful dashboard format. The handy display allows you to instantly gain insight into:
- The areas of which your vendors are least/most compliance in e.g. Malware protection, internet gateways, quality management.
- The vendors that are least compliant versus those who are most compliant.
The dashboard gives you full insight. This allows you to make important decisions quickly on where to input time and resource into ensuring vendor compliance.
Why use SYNERGi’s Questionnaire Repository?
Further down the SYNERGi roadmap, we aim to encourage greater collaboration. We’ll introduce the ability to send out Questionnaires to other areas in the SYNERGi platform such as Projects, Assets and Risks. We will also integrate the Compliance Questionnaire functions into the Questionnaire module, allowing for automated compliance and audit assessments.
Within the Questionnaire Repository you can create one Questionnaire and then attach it to a multitude of different Objects such as Vendors, Risks or Assets, introducing the ability to create a decision tree that interacts with multiple objects and audiences.
If you think the SYNERGi GRC platform could support your vendor management process, contact us for a demo with one of our experts.