Frequently Asked Questions

Commonly asked questions from our users

Software Questions

Common questions about the VendorRisk platform.

We allow unlimited user accounts. There are no per-user or per-seat fees.

Yes, VendorRisk does allow for SSO authentication. We have tested with SSO providers such as ADFS, Azure, Okta, Ping One and OneLogin.

Yes, you can enable MFA for your site. If enabled, each user can utilize Google Authenticator as an additional security measure.

VendorRisk should work on all current versions of the major browsers, such as Google Chrome, Firefox, Safari and Microsoft Edge. The only other requirements are that the browser has JavaScript enabled and can accept cookies.

Yes, we use responsive design to ensure that you can login and access your VendorRisk information from smart phones and tablets. The site will automatically detect that you're on a mobile device and adjust the user interface accordingly.

We provide the ability to export to Excel, and your developers can use our API to programmatically pull data from your VendorRisk site, but there are no plans to support direct data exchange with specific vendors or products.

We allow unlimited document uploads and storage space. Each document can be up to 80 MB in size. For security purposes, file types are limited to the well-known formats such as: Word, Excel, PDF, ZIP, etc.

VendorRisk uses the SendGrid service to send emails from the application, and we follow all their best practices and recommendations to ensure that your company's mail server will correctly handle emails sent from VendorRisk. If you do have issues receiving email, we can work with your IT department and SendGrid to help troubleshoot the problem.

Yes, all modules support at least 5 custom fields. The Vendors & Contracts modules support up to 50 fields. The fields can be: textbox (single-line), textbox (multi-line), date field, yes/no radio buttons, or dropdown items.

Hosting Questions

Common questions about the VenorRisk infrastructure.

Yes, VendorRisk is only available as a web-based hosted application developed, maintained and hosted by us. It cannot be installed within your company's internal network.

Our hosting infrastructure resides in the US-East-2 region in Amazon AWS.

Yes, Amazon allows registered users to access SOC reports via their Artifacts service. We can also provide copies of those.

Security Questions

Common questions about VenorRisk's security stance.

We conduct annual penetration tests. We also utilize the Trust Guard daily web site scan to alert us to potential security concerns. The results from the latest scan are available at the bottom-right of the page.

Yes, all requests to your VendorRisk site require SSL to prevent eavesdropping and tampering. All emails sent through VendorRisk use TLS encryption.

Passwords are encrypted in the database and never sent over email. VendorRisk personnel cannot see user passwords.

By default, passwords must be at least 6 characters long. However, your site admin can implement the following:

  • Required # of characters, lower-case letters, upper-case letters, digits & symbols
  • Cannot contain user's first name or last name
  • Cannot use common passwords like "password", "123456", etc.
  • Must be changed every month, 3 months or 6 months
  • Cannot use a password previously used in the past

Yes, after 10 unsuccessful login attempts, the user is locked out and cannot login until either your site administrator or VendorRisk personnel un-locks their account.

Yes, all files moved to Amazon's servers are marked as private and can only be accessed by logging into your VendorRisk site first. Documents are encrypted "at rest" at Amazon. They are only decrypted when transferred to VendorRisk and displayed or downloaded to the user's computer.

All your uploaded documents are backed up to a separate Amazon S3 region (West Coast US), and the database is backed up several times a day to local and remote locations. And every Sunday we export your information to an Excel spreadsheet, which you can access from your VendorRisk site.

Support Questions

Common questions about VenorRisk's support.

Tech support is provided for free. We are accessible via a toll-free number, email and a web-based support form located inside your VendorRisk site.

Of course, we love to hear feedback. When a suggestion is made, we determine if we feel it makes sense. If it does, then we'll add it to our development list. If it doesn't, then we'll tell you why we don't feel it's appropriate at this time.

We do not offer on-site training sessions. If you have questions about any aspect of the software, you can request a web-based training session. We do not charge for web-based training.

Contract & Billing Questions

Common questions about your VendorRisk contract and billing.

Yes, unlike many SaaS providers that have a generic Terms of Service, we have a formal contract that is signed by both parties prior to an invoice being sent. This gives your legal team the ability to review the contract and suggest tweaks or changes.

Yes, Skeey Interactive guarantees that the Service will be available at least 99.5% each month. Uptime status will be based on Pingdom's public report. In the event that the Service fails to meet this expectation in a given month, the customer will be given an additional month of Service usage at no charge, which will be added to their current subscription's expiration date.

No. About a month prior to your subscription expiration, we will generate an invoice and send to your account owner. If you are a satisfied customer and want to continue with your current plan, then you can pay the invoice and your subscription will be extended. If you decide to upgrade/downgrade your plan by adding or removing modules from your subscription, then you can let us know and we'll send a revised contract with the updated pricing.

Yes. Because VendorRisk is pre-paid and there are no refunds, you typically wouldn't cancel in the middle of your subscription — rather, you would just let us know you don't plan on renewing when we send the following year's invoice. If you do cancel, then we'll work with you to return all uploaded documents and a Microsoft Excel copy of your data. Cancellations will be processed within a business day.

VendorRisk is only offered as an annual subscription paid in advance.

We do not offer refunds once you have pre-paid for the annual subscription.

Yes, we offer a 30-day trial after we've had the introductory phone call and at least one web-based demo with your company. During the trial, you have full access to everything VendorRisk offers, so you can decide if the product is for you and what modules your company would likely require.

VendorRisk modules are available on an à la carte basis, so your annual fee will only go up (or down) if you change the modules your company wants to use.

Get VendorRisk. Get organized.

Stop wasting time with spreadsheets. Get your vendor management program up and running today.

Schedule demo