Introduction
The foundation of your TPRM program begins with tiering and questionnaires. Tiers help classify third parties based on risk factors such as business criticality, geography, or data access.
Each tier can be associated with a specific questionnaire and set of conditions, allowing you to streamline assessments and automate risk evaluations at scale.
Create a Tier
Follow the steps below to define your third-party tiers:
Go to Settings > Third-Party
Click on the “Add” button to begin creating a new tier.
Enter Tier Name
In the Name field, provide a clear, descriptive name (e.g., Tier 1 - High Risk, Tier 2 - Medium Risk).
Assign a questionnaire by selecting the questionnaire from the dropdown.
Define tier conditions to automatically categorize vendors into this tier based on key attributes.
Choose an attribute (e.g., Business Resource, Country of Headquarters).
Select an operator (e.g., IN, EQUALS, CONTAINS).
Enter one or more matching values.
Use the “+” button to add additional conditions.
You can configure the condition logic using:
Match All: All conditions must be true.
Match Any: At least one condition must be true.
Use "Match All" when you want a precise classification, and "Match Any" for broader inclusion.
Click the Save button.
The tier will now be available in your third-party settings tier list.
Repeat the above steps to create multiple tiers. We recommend at least three tiers (e.g., High, Medium, Low) to reflect different levels of risk and scrutiny.
