Vendors

What is it?

A vendor is a company from whom you have purchased software or services that you use to run your business.

For example, Microsoft, Salesforce, and Okta are vendors.  One Vendor can provide you with many Systems (link to Systems page).  For example, Microsoft is a vendor, and they will provide you with many systems like Azure AD, Confluence, Office 365 etc.

Your Vendors page is a place where you can manage your existing vendor relationships and consolidate any potential documents that you were keeping elsewhere.

Vendor Attributes

The Vendors page in TrustOps allow you to view your Vendors using different filters, search options, and views:

Sort, Filter and Search:

• Sort your Vendors – You can sort your Vendor list by alphabetical order, Groups, Owner, and  Data Classification
• Filters – Filter vendor list by Status (active, disabled), Groups, Owner, and Classification
• Search: Allows you to search for a specific vendor

Adding Vendors

Your Vendors list gets populated automatically after you add all of your systems on your Systems Register. Based on your different system classifications, we default the Data Classifications on your Vendors page.

Step by step guide to add a vendor:

1. To add more vendors to your registrar simply select +Add New Vendor.
2. Add Vendor Name, Website, Owner, Data Classification, and Group.
3. Then select if this vendor is a subprocessor.
4. You also have the option to add purpose, location, Terms of Use and Privacy Policy.
5. Once you have filled out all the relevant details click on “Add Vendor”

Vendor Details Attributes

The vendor details page allows you to look at existing vendor information and documents as well as to edit these details. To edit vendor details select the three ellipsis icon in the right corner and from the drop-down menu select Edit Details.

Edit Vendor

To edit vendor details select the three ellipsis icon in the right corner and from the drop-down menu select Edit Details.

On this details page you can add:

• A vendor’s website
• A location
• A description of the purpose
• Link to the vendor’s terms of service
• Link to the vendor’s privacy policy
• Link to the vendor’s security page
• Change the data classification
• Change the group

Additionally, you can add tags to each vendor, add documents or links, and add vendor contact information.

The systems that the specific vendor is mapped to will be listed under the Systems section. If you believe something is missing, double check that all of the relevant systems are added.

Disabling Vendors

Disabling a vendor denotes that you don’t use this vendor anymore.  A disabled vendor still exists in your archive and is not deleted permanently.

Step by step guide to disable a vendor:

1. select the three ellipsis icon in the right corner and from the drop-down menu
2. Select Disable Vendor.
3. A box will open requiring a reason for disabling and providing a checklist of the compliance requirements for disabling a vendor.
4. Select Disable.

Disabled vendors can be viewed by selecting the Filters button on the main Vendors page and checking the Disabled box.

Video: Adding, Editing and Disabling Vendors: