- November 17, 2021: Updated navigation instructions.
- January 30, 2020: Published.
Flagging questions is a way to focus assessments on vendors that need the most immediate attention.. Flagged questions indicate the need for extra attention due to poorly performing risk vectors that describe the state of that question. This allows VRMs to focus attention on where it is needed the most.
Flags are based on risk vector thresholds. If the average letter grade of the risk vectors that are associated with a question falls below a certain threshold (falls below 3.5/4), the question is flagged as needing attention.
The CSV export that has all the information contained in the report. The exported CSV can be used for downstream post-processing.