Vendor Management Features & Benefits

Centralize vendor data, manage relationships, assess vendor risk, and ensure compliance with your policies and controls.

• Centralize and Structure Your Vendor Database

  Archer Vendor Management gives you an enterprise view of corporate vendor documentation, services and utilization, categorized by project, relationship manager, tier or any other useful data element. You can implement the solution out of the box, or you can tailor it to accommodate your organization’s unique vendor management processes. Archer provides drag-and-drop design features and wizard-driven interfaces that allow you to define custom vendor risk scoring, dynamic question filtering, workflow processes, email notifications and more. You can also import existing vendor information through Archer’s simple Data Import Wizard, and you can ensure that vendor relationship managers have appropriate access to information through the use of role-based and group-based access control.

• Manage Vendor Profiles

  Archer enables your organization to minimize and manage the risk associated with vendor relationships by tracking agreements, performance and the status of deliverables for each project. Within each vendor profile, you can assign relationship managers, categorize the vendor by tier, establish key performance indicators, review associated contracts, and document meetings and activities associated with the relationship. Tracking these variables allows you to know who your vendors are, what they do for you and who is responsible for the relationship. Archer Vendor Management also provides a version-controlled environment and automated workflow processes for modifying vendor information and obtaining proper approvals.

• Build Vendor Risk Questionnaires

  The Vendor Management solution enables you to assess vendor risk before and after the contract process to evaluate compliance with your company's policies, controls and regulations. Archer allows you to easily import your own risk assessment questions or utilize a library of pre-built questions based on best-practice standards such as the Shared Assessments Program. You can build several types of assessment questionnaires, including self-assessments and on-site audits, and define rules that determine the specific questions that should be presented in an assessment based on attributes of the vendor, such as service type or tier. Archer also enables you to easily configure risk scoring formulas, allowing you to derive risk and compliance ratings from assessment results.

• Complete Vendor Risk Assessments

  Through Archer’s user-friendly interface, vendors and vendor managers can complete their assigned assessments with no prior training, adding question-specific comments and attaching supporting evidence as needed. You can configure the solution to send reminder and escalation email notifications to appropriate users as assessment due dates approach, and you can automatically route completed assessments to the proper reviewers and approvers.

• Manage Findings of Non-Compliance

  Archer enables you to automatically score assessments and generate findings for each incorrectly answered question to identify areas of non-compliance. Findings are automatically related to vendors, relationship managers, and violated policies or controls for quick and powerful reporting. You can assess the nature and status of each finding, including the vendor response and appropriate mitigation procedures, and you can assign tasks for each finding, track their completion and automatically calculate the residual risk.

• Report on Your Vendor Risk Profile

  Through Archer’s powerful reporting capabilities, you can report on assessment scores and status, filtering by individual questions, assessments, vendors, business units, authoritative sources and control standards. The Vendor Management solution provides a set of predefined reports for analyzing your vendor risk profile, and you can also create ad hoc reports with drill-down capabilities. To give senior management clear visibility into high-risk areas within your business, the status of ongoing vendor assessments and your organization’s overall risk exposure, you can display reports through graphical, access-controlled dashboards.

• Integrate with Other Archer Solutions

  By combining Archer’s Vendor Management solution with other products in the Archer solution set, including Policy, Threat, Asset, Risk, Incident and Sarbanes-Oxley Compliance Management, you gain a comprehensive view of vendor relationships as they relate to policies and controls, corporate assets, business processes and compliance activities. This integration enables you to apply corporate and IT policies and control standards to vendors, track vendor access to corporate assets and monitor incidents as they relate to your service providers.