Servicenow Vendor Risk Management (VRM) Implementation

Learn how to effectively manage a Vendor Risk Management Implementation.

This two-day course covers the domain knowledge, common implementation technical aspects, and various processes needed to effectively manage a Vendor Risk Management (VRM) implementation.

Attendees will learn and practice various tactical skills and strategies that will better prepare them to implement VRM.

Through lectures, group discussion, hands-on labs and demonstrations, participants build on existing knowledge and skills by applying implementation best practices.

Topics include: Vendor Risk Management Review, Core Configuration, Assessment Configuration, Vendor Risk Issues and Processes, Vendor Portal Configuration, Application Relationships, Dashboards and Reports

Recommended prerequisites:

• SNSAF - ServiceNow Administration Fundamentals
• SNPI - ServiceNow Platform Implementation

• Define key concepts and roles related to Vendor Risk Management in ServiceNow and navigate the Vendor Risk Management application components
• Configure vendor portfolio data and vendor process workflows
• Develop Questionnaire Templates, Document Request Templates, and Assessment Templates, which are used to create vendor risk assessments
• Access the Vendor Assessment Portal, manage vendor contacts, complete assessments, and interact with the Vendor Risk team
• Create and manage Vendor Risk Assessment related issues and remediation
• Translate assessment responses into Risk and Control Compliance using existing GRC applications
• Analyze baseline VRM reports and dashboards
• Examine solution features and implementation considerations
• Discuss supported integrations and share best practices

Technical Consultants, Implementers, Developers, and Architects who will be configuring, developing, or supporting the Vendor Risk Management applications, Project/Program/Engagement Managers who will be leading implementation of the Vendor Risk Management application in ServiceNow, Operations Managers who will oversee work completed using the Vendor Risk Management application in ServiceNow

Vendor Risk Management Review

• About VRM
• VRM Process
• Technical Details
• Lab 1.1 Preparing to Implement ServiceNow Vendor Risk Management

Core Configuration

• Vendor Portfolio Configuration
• Lab 2.1 Vendor Setup
• Vendor Contacts Configuration
• Lab 2.2 Populate Vendor Contacts
• Vendor Tiering Configuration
• Lab 2.3 Vendor Tiering
• Vendor Security Scoring Configuration
• Lab 2.4 Vendor Hierarchy and Engagements

Assessment Configuration

• Assessment Basics
• Vendor Assessment Configuration
• Vendor Risk Assessment Generation
• Lab 3.1 Vendor Risk Assessment Templates
• Lab 3.2 [CHALLENGE] Data Privacy Assessment
• Vendor Risk Assessment Calculations
• Vendor Risk Assessment Lifecyle
• Lab 3.3 Vendor Risk Assessments

Risk Issues and Processes

• Vendor Risk Issue Configuration
• Lab 4.1 Configure Vendor Risk Issue Approval Workflow
• Vendor Risk Task Configuration
• Vendor Risk Process Workflows
• Lab 4.2 Configure Vendor Assessment Reminders Workflow

Vendor Portal Configuration

• Contact Configuration
• Lab 5.1 Working in the Vendor Assessment Portal
• Vendor Assessment Processing and Configuration
• Lab 5.2 Vendor Risk Issues
• Lab 5.3: Vendor Risk Areas and Criteria Affecting Engagements

Application Relationships

• ServiceNow GRC Overview
• Monitor Risk and Control Compliance
• Other Application Relationships
• Lab 6.1 GRC Integration

Dashboards and Reports