< back

Supplier Risk Management

The purpose of Abriska 27036 is to help you improve both the effectiveness and efficiency of your supplier information security due diligence process. This is achieved by providing you with the capacity to tailor your question set and ask more in-depth questions of suppliers who have access to more sensitive or critical information.

The core set of questions that form the due diligence have been developed by URM’s team of information security and data protection practitioners and are closely aligned to both ISO 27001 and ISO 27036.

Initial Setup

Organisation setup steps can be followed from our general Organisation Setup page. This will guide you through the set-up of contacts to manage supplier questionnaires, divisions to segregate suppliers into and adding documents to attach to questions.

There is required configuration that must be completed before adding suppliers and sending out questionnaires. This is completed within the SRM Setup page in Abriska.

RequiredAbriska configuration27036 -– SRMProcess SetupOverview

~~All~~To ~~setup~~go ~~for~~through after the ~~supplier~~above ~~risk~~required ~~management module~~configuration is completed within SRM Setup.

Abriska 27036 – Process Overview

Supplier Dashboard
Supplier Command Centre
Supplier Risk Management - Video Guides
What the Supplier sees and guidance you can offer them
Manually Assessed Suppliers
Reviewing Completed Questionnaires
Control Questions for Supplier Due Diligence
Reports (Supplier Risk Management)
Trouble Shooting (Supplier Risk Management)

Return to Abriska User Guides