Refer to the following permissions for accessing and managing Trust Management Hub (TMH) and Vendor Risk Management data, including:
- Artifacts
- Connections
- Edit Company Information
- Executive Summary
- TMH Dashboard
- Findings
- Risk Assessments
- Security Profile
See permissions key, other actions, or learn more about TMH/VRM user roles.
Artifacts
Artifacts represent third party risk management documentation requested from the third party being assessed.
Download Artifacts
✅ Admin
➖ Group Admin
✅ Internal Business User – Download artifacts of assigned vendors.
✅ Operations
➖ Portfolio Manager
➖ User
✅ View Only
Connections
Connections can be requested with vendors. The vendor is emailed and prompted to complete their security profile.
Access Connections
✅ Admin
➖ Group Admin
✅ Internal Business User – View assigned vendors only.
✅ Operations
➖ Portfolio Manager
➖ User
✅ View Only
Establish Connections
✅ Admin
➖ Group Admin
❌ Internal Business User
✅ Operations
➖ Portfolio Manager
➖ User
❌ View Only
Edit Company Information
✅ Admin
➖ Group Admin
❌ Internal Business User
❌ Operations
❌ TMH Access Only Operations
➖ Portfolio Manager
➖ User
❌ View Only
Executive Summary
Access the Executive Summary page.
✅ Admin
➖ Group Admin
❌ Internal Business User
✅ Operations
❌ TMH Access Only Operations
➖ Portfolio Manager
➖ User
✅ View Only
TMH Dashboard
View and use the Dashboard in the Trust Management Hub application.
✅ Admin
➖ Group Admin
❌ Internal Business User
✅ Operations
✅ TMH Access Only Operations
➖ Portfolio Manager
➖ User
❌ View Only
Findings
Findings are questions or concerns that can be communicated to the third party being assessed and include expected remediation plan or outcome.
Create Findings
✅ Admin
➖ Group Admin
✅ Internal Business User – Download artifacts of assigned vendors.
✅ Operations
➖ Portfolio Manager
➖ User
❌ View Only
Findings Overview Report
Generate the Findings Overview report, which provides a concise overview on the findings identified during vendor assessment.
✅ Admin
➖ Group Admin
❌ Internal Business User
✅ Operations
➖ Portfolio Manager
➖ User
✅ View Only
View Findings
✅ Admin
➖ Group Admin
✅ Internal Business User – Download artifacts of assigned vendors.
✅ Operations
➖ Portfolio Manager
➖ User
✅ View Only
Risk Assessments
Vendor risk assessments are used for analysis and executive-level communication.
Risk Assessment Summary Report
Generate the Risk Assessment Summary report, which shows a holistic view of vendor security and risk posture.
✅ Admin
➖ Group Admin
❌ Internal Business User
✅ Operations
➖ Portfolio Manager
➖ User
✅ View Only
Security Profile
A security profile is available for review and scoring. They consist of questionnaires, certifications, and attestations.
Share Security Profile
Share your security profile.
✅ Admin
➖ Group Admin
➖ Internal Business User
✅ Operations
➖ Portfolio Manager
✅ Sales
✅ Sales Operations
➖ User
✅ View Only
- March 24, 2025: Risk Assessment Summary and Findings Overview report permissions.
- January 3, 2025: Share your security profile; Access the Dashboard in the TMH app; Executive Summary; Edit company information.
- November 22, 2024: Separated from User Permissions and added VRM/TMH roles.
Feedback
0 comments
Please sign in to leave a comment.