0
20.0.1
Yokohama, Xanadu Patch 4, Xanadu, Washington DC Patch 7, Washington DC Patch 5, Washington DC Patch 3, Washington DC, Vancouver Patch 9, Vancouver
The ServiceNow® Third-party Risk Management application provides a centralized process for managing your third-party portfolio and completing the third-party assessment and remediation life cycle. Integration with other GRC applications provides additional traceability for compliance with controls and risks.
Note: In version 17.x, Vendor Risk Management was renamed to Third-party Risk Management.
The Third-party Risk Management application includes the following features:
- Third-party portfolio - third-party hierarchy and third-party contacts
- Third-party engagements
- Tiering setup, tiering assessments, and IRQs
- Risk assessment setup, and risk assessments, including risk domains (risk areas)
- Configurable risk calculation
- Automated tiering and risk assessment submission rules
- Security score integration
- Issue management
- Support for third-party scores roll up to risk rating
- Reports and dashboards
- GRC Integration: associate policies and controls to questions in a third-party risk assessment
- GRC Integration: roll-up third-party risk information to an enterprise risk program
New:
- Ability to copy the responses from a previously answered questionnaire (within the same third-party) to a new questionnaire of the same questionnaire template.
Fixed:
- Incorrect translations for Simplified Chinese have been addressed.
- Duplicate theme files getting created when Vendor Portal plugin repaired with customization in place have been addressed.
- Issue generation failure for choice questions when dependent on multi-selection question has been addressed.
The following applications are automatically installed when the Third-party Risk Management application is activated:
- GRC: Profiles
- GRC: Compliance Assessment
- GRC: Vendor Portal
Permissions and roles:
- Role required to install the app: System admin (admin)