Suppliers¶
The supplier management module tracks your vendors, their compliance status, contacts, and linked contracts and subscriptions.
Adding a supplier¶
- Navigate to Vendors → Suppliers.
- Click Add Supplier.
- Provide: company name, website, category, and description.
- Set the compliance status: Approved, Pending Review, Rejected, or Not Assessed.
- Add notes about the vendor relationship.
Supplier contacts¶
Each supplier can have multiple contacts:
- From the supplier detail page, click Add Contact.
- Provide name, email, phone, and role.
- Contacts are used for communication tracking and contract management.
Compliance status tracking¶
Supplier compliance status reflects whether the vendor meets your security and regulatory requirements:
| Status | Meaning |
|---|---|
| Approved | Vendor has passed security review |
| Pending Review | Review in progress or scheduled |
| Rejected | Vendor does not meet requirements |
| Not Assessed | No review has been conducted |
Linking to compliance controls¶
Suppliers can be linked to framework controls as evidence of vendor management practices (e.g., ISO 27001 A.15 — Supplier relationships):
- On the supplier detail page, scroll to Compliance Links.
- Link to the relevant controls.
- Add context notes about the supplier's role in satisfying the requirement.