How to Build a Vendor Risk Assessment Workflow in Jira Service Management

Описание: Simon and Monika from SoftComply introduce a webinar on practical, day-to-day vendor risk assessment process on top of Jira Service Management, supported by SoftComply Risk Manager Plus.

They outline a procurement-to-vendor-management journey: internal new-vendor requests via JSM forms, due diligence through externally facing supplier questionnaires, risk scoring using SoftComply Risk Manager Plus risk models (impact/likelihood heat maps and multi-factor scoring), and creating mitigation actions and linked tasks.

They discuss periodic vendor re-evaluations, permissions to prevent deletions, implementation timing depending on process mapping and Jira maturity, and using Jira Assets to keep vendor records synced with other systems. They also show reporting via Confluence macros, static snapshots, and SoftComply Document Manager approvals with e-signatures, and share follow-up resources, recordings, and booking links.

00:00 Welcome and Intros
00:27 SoftComply Overview
01:12 Why Vendor Risk Matters
02:29 Webinar Logistics
03:38 Procurement to Vendor Journey
06:53 Mapping the Process in Jira
07:53 New Vendor Request Form
09:29 Due Diligence Questionnaires
11:30 External Portal in JSM
14:52 Risk Table and Scoring
19:32 Mitigation Actions in Jira
20:19 Contracting and Vendor Systems
22:02 Assets Integrations and Alerts
24:40 Ongoing Monitoring and Regulations
25:24 Vendor Process Flow
27:23 Risk Model Walkthrough
32:02 Periodic Reviews Setup
33:19 Permissions And Retention
34:33 Implementation Timeline
37:34 Maintaining Risk Rules
39:05 Real World Supplier Risks
41:37 Docs And Reporting
44:38 Confluence Snapshots Signoff
47:05 Wrap Up And Next Steps