Introduction

The Vendor Risk Assessment feature in the Spendflo App offers a comprehensive solution to the vendor security review process for Infosec and Legal Teams. In this article, we will explore how you can easily initiate and efficiently manage vendor risk assessments using the Spendflo app. With our user-friendly interface, you can track all vendor risk assessment activities in one centralized location, ensuring seamless access for future audit purposes. Let's dive into the details of this powerful feature and optimize your vendor evaluation process with Spendflo.

There are two ways to initiate a vendor risk assessment process:

1. Initiating Vendor Risk assessment for a New Procurement request

2. Manually initiating for an existing app

Initiating Security Review for a New Procurement Request

If Vendor Trust is enabled for your organization, the security review process seamlessly integrates with every new purchase request. Within the request intake form, a security questionnaire will be included, which the requester must complete.

Upon submission, an automatic Vendor Security Review will be triggered, and you can conveniently access this review request in the Security Hub under Vendor Risk Assessment. This streamlined process ensures that vendor evaluations are seamlessly integrated into your procurement workflow, enhancing security and compliance for your organization.

Manually Initiating Security Review for an Existing Vendor

To manually initiate a Security review for an existing vendor, simply navigate to the Vendor Risk Assessment section within the Security Hub. This central location houses all your security reviews, allowing you to monitor ongoing assessments or create new ones as needed.

To begin a review for a specific app, click on the "Start a Vendor Review" button at the page's top-right corner. 

For further information on conducting a Vendor security review, please see the article here