Analyzing Residual Risk with Engagement Risk Assessments

The Engagement Risk Assessment questionnaire enables you to assess residual risk based on controls that your third party has in place to mitigate risk exposure. The questionnaire is generated based on the responses in the Inherent Risk Analysis for each risk category. When you generate an Engagement Risk Assessment, the system automatically calculates the residual risk for each risk category being assessed.

You can use Engagement Risk Assessments with or without the Archer Vendor Portal. The Archer Vendor Portal is an external portal that enables your vendors to securely answer questionnaires outside of Archer. You must install the Archer Vendor Portal Service and update your Third Party Risk Management license key to publish questionnaires to the Vendor Portal. For more information about installing and configuring the Archer Vendor Portal Service, see the Archer Vendor Portal Service Guide on Archer Community.

On this page

Use the Engagement Risk Assessment questionnaire with the Vendor Portal

  1. Create an Engagement Risk Assessment questionnaire.

  2. Publish an Engagement Risk Assessment questionnaire to the Archer Vendor Portal for your third party contacts to complete.

  3. Review an Engagement Risk Assessment questionnaire by evaluating answers, and generating any findings, remediation plans, or exception requests as needed.

  4. Approve or reject the questionnaire.

  5. Analyze the calculated residual risk for each risk category based on an Engagement Risk Assessment questionnaire.

Use the Engagement Risk Assessment questionnaire without the Vendor Portal

  1. Generate an Engagement Risk Assessment questionnaire.

  2. Complete an Engagement Risk Assessment questionnaire by answering the questions in each risk category being assessed.

  3. Review an Engagement Risk Assessment questionnaire by evaluating answers, and generating any findings, remediation plans, or exception requests as needed.

  4. Approve or reject the questionnaire.

  5. Analyze the calculated residual risk for each risk category based on an Engagement Risk Assessment questionnaire.