POET is not designed to serve as the system of record for regulated processes, therefore not subject to GxP requirements. It is designed to enable cross-organizational collaboration and process orchestration while the system of record remains within enterprise systems.

Type = Technical Guides,; Topic = Opus Solution Environment, Process Orchestration for Empowered Teams (POET), Opus Platform,;Persona = Solution Designer, Solution Partner, Technology Partner,; Orchestration = Logistics,; Function = Regulatory Affairs, Quality,

Supplier Risk Assessments

Supplier Risk Assessment enables organizations to evaluate, classify, mitigate, and monitor risks associated with suppliers across their lifecycle.

What is a supplier risk assessment

A supplier risk assessment is a structured evaluation used to identify potential operational, regulatory, financial, and compliance risks associated with a supplier relationship. The process enables organizations to assess supplier risks, determine mitigation actions, and monitor supplier performance across the lifecycle.

  1. Assessment Initiation: Establish the assessment scope, ownership, and supplier being evaluated.
  2. Information Collection: Gather supplier responses and supporting documentation.
  3. Risk Evaluation: Analyze supplier data to identify risk categories and impacts.
  4. Risk Classification: Determine the overall supplier risk level.
  5. Mitigation Planning: Define mitigation actions and responsible owners.
  6. Monitoring: Track mitigation progress and reassess supplier risk posture.
  7. Closure: Complete the assessment and document outcomes.

Types of supplier risk assessments

  • Operational Risk Assessments – Evaluate operational stability and supply chain reliability.
  • Compliance Risk Assessments – Evaluate regulatory and compliance risks.
  • Financial Risk Assessments – Assess supplier financial stability.
  • Cybersecurity Risk Assessments – Evaluate cybersecurity posture and information security practices.
  • ESG Risk Assessments – Evaluate environmental, social, and governance risks.

How to configure the supplier risk assessment marketplace solution

Before using the supplier risk assessment marketplace solution, configure it in the Opus Solution Environment (OSE).

Solution Designers must first save the latest version of the marketplace solution from the marketplace catalog as a company solution.

  1. Select the Main Menu icon.
  2. Select OPUS Solution Environment.
  3. Select Catalog from the left menu.
  4. Select Marketplace Solutions.
  5. On the Search Solutions page, filter the list of solutions to find the required solution.
  6. Find the latest version of the solution and select the Solution Name to open the solution.
  7. On the Solution Details page, select Save As.
  8. On the Save As panel, fill in the following fields:
    1. Solution Name field – The name of the solution that will be saved as a company solution.
    2. Description field – (Optional) The description of the solution.
  9. Select Apply.
    The marketplace will be saved as a company solution in the Available tab on the left menu.

After saving the solution as a Company Solution, Solution designers must create a network for the solution from OPUS Administration.

  1. Select the Main Menu icon.
  2. Select Administration.
  3. Select Network and Apps from the left menu.
  4. Select New.
  5. In the Network Information section, fill in the following fields:
    1. Application drop-down – Select the application for which you want to configure the marketplace solution. For e.g. Process Orchestration for Empowered Teams.
    2. Network Name field – The name of the network being created.
    3. Network Description field – (Optional) The description of the network being created.
  6. In the Solution section, fill in the following fields:
    1. Standard Solution toggle – This value must be no as the solution for which the network is being created is a marketplace solution.
    2. Company Solution field – Select the solution that you saved as a company solution in the previous procedure.
  7. Select Save.
    The new network is created and the solution is ready for use.

After creating a network for the solution, Solution Designers must define roles for accessing the network.

  1. Select the Main Menu icon.
  2. Select Administration.
  3. Select Users from the left menu.
  4. Select Network Members from the left menu.
  5. On the Search Network Members page, filter the list of network members by the network created in the previous procedure.
  6. Select the user email of the user who created the network.
  7. Select Edit.
  8. In the Roles section, select the role required to access the network.
  9. Select Save.
    The role to access the new network is configured.

Add a supplier risk assessment

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Supplier Risk Assessment from the left menu.
  7. Select New.
  8. In the General section fill in the following fields:
    1. Title field – Provide a clear and descriptive title for the supplier risk assessment.
    2. Description field – Briefly describe the reason or scope of the assessment.
  9. Select Save.
    The supplier risk assessment is created in Draft state.
  10. Select Move to to progress the assessment.

Modify a supplier risk assessment

A high level understanding of the state of all supplier risk assessments that you have access to.

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Supplier Risk Assessment from the left menu.
  7. Select the required assessment.
  8. Select Edit.
  9. In the General section update the following fields:
    1. Title – Name of the supplier risk assessment.
    2. Supplier Name – Supplier being assessed.
    3. Business Function – Business function engaging the supplier.
    4. Priority – Assessment priority.
    5. Due Date – Target completion date.
  10. In the Participants section update the following fields:
    1. Supplier Owner – Owner responsible for supplier relationship.
    2. Assessment Owner – Primary coordinator of the assessment.
    3. Risk Reviewers – Users responsible for evaluating risks.
    4. Approvers – Governance decision makers for high-risk assessments.
  11. In the Description section update the following fields:
    1. Assessment Description – Description of the assessment scope and purpose.
    2. Attachments – Supporting documents.
  12. In the Information Collection section update the following fields:
    1. Online Risk Assessment – URL to supplier questionnaire.
    2. Offline Risk Assessment Attachment – Uploaded supplier questionnaire.
    3. Additional Supplier Responses – Summary of supplier-provided information.
    4. Clarifications – Notes from follow-ups with the supplier.
  13. In the Risk Evaluation section update the following fields:
    1. Identified Risks – Description of key supplier risks.
    2. Risk Categories – Applicable risk categories such as compliance, operational, financial, cybersecurity, ESG, and supply chain.
    3. Potential Impacts – Business impact of identified risks.
  14. In the Risk Classification section update the following fields:
    1. Overall Risk Level – Classified risk level (Low, Medium, High, Critical).
    2. Classification Rationale – Justification for risk classification.
    3. Reviewer Comments – Consolidated reviewer input.
  15. In the Risk Mitigation Plan section update the following fields:
    1. Mitigation Actions – Steps defined to reduce supplier risk.
    2. Target Completion Date – Expected mitigation completion date.
  16. In the Monitoring and Review section update the following fields:
    1. Monitoring Approach – How supplier risk will be monitored.
    2. Review Frequency – Frequency of reassessment.
    3. Open Issues – Outstanding risks or actions.
    4. Due Date – Monitoring deadline.
  17. In the Assessment Closure & Attachments section update the following fields:
    1. Assessment Closure Comments – Summary of assessment outcome.
    2. Attachments – Supporting evidence.
    3. Related Records – Link related records.

Monitor supplier risk assessments

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Supplier Risk Assessments.
  7. Select Dashboards.
Metric Description
Current Trends
Supplier Risk Assessments by Status – Open Total number of Supplier Risk Assessments categorized by Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Business Priority Number of Supplier Risk Assessments categorized by Business Priority (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Overall Risk Level Number of Supplier Risk Assessments categorized by Overall Risk Level (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Business Function Number of Supplier Risk Assessments categorized by Business Function and Status (Draft, To Do, In Progress).
Due Date Monitoring
Overdue Supplier Risk Assessments Total number of assessments with Due Date less than current date, categorized by Status (Draft, To Do, In Progress).
Due in Next 24 Hours Total number of assessments due within next 24 hours, categorized by Status.
Due in Next 7 Days Total number of assessments due within next 7 days, categorized by Status.
Due in Future Total number of assessments due beyond 7 days by categorized by Status.
Network Performance
Supplier Risk Assessments by Assignee Company Total number of assessments grouped by assignee company and categorized by Status.
Supplier Risk Assessments by Supplier Coordinator Total number of assessments grouped by supplier coordinator and categorized by Status.
Organizational Performance
Supplier Risk Assessments by Assessment Coordinator Total number of Supplier Risk Assessments grouped by Assessment Coordinator and categorized by Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Risk Rating Total number of Supplier Risk Assessments categorized by Risk Rating (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
Average Time to Close Supplier Risk Assessments by Risk Rating Average time taken to close Supplier Risk Assessments, segmented by Risk Rating (Critical, High, Medium, Low).

Steps to access

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Supplier Risk Assessments.
  7. Select Dashboards.
Metric Description
Current Trends
Supplier Risk Assessments by Status – Open Total number of Supplier Risk Assessments categorized by Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Business Priority Number of Supplier Risk Assessments categorized by Business Priority (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Overall Risk Level Number of Supplier Risk Assessments categorized by Overall Risk Level (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Business Function Number of Supplier Risk Assessments categorized by Business Function and Status (Draft, To Do, In Progress).
Due Date Monitoring
Overdue Supplier Risk Assessments Total number of assessments with Due Date less than current date, categorized by Status (Draft, To Do, In Progress).
Due in Next 24 Hours Total number of assessments due within next 24 hours, categorized by Status.
Due in Next 7 Days Total number of assessments due within next 7 days, categorized by Status.
Due in Future Total number of assessments due beyond 7 days by categorized by Status.
Mitigation Plans Overdue Total number of Supplier Risk Assessments in Mitigation Planning where the Target Completion Date has passed, indicating delayed risk mitigation actions.
Network Performance
Supplier Risk Assessments by Supplier Coordinator Total number of assessments grouped by supplier coordinator and categorized by Status.
Organizational Performance
Supplier Risk Assessments by Assessment Coordinator Total number of Supplier Risk Assessments grouped by Assessment Coordinator and categorized by Status (Draft, To Do, In Progress).
Supplier Risk Assessments by Risk Rating Total number of Supplier Risk Assessments categorized by Risk Rating (Critical, High, Medium, Low) and Status (Draft, To Do, In Progress).
  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Supplier Risk Assessment from the left menu.
  7. Select Filter.

  8. In the Filters panel fill one or more of the following fields:

    1. Title – Search by full or partial assessment title.
    2. Supplier Name – Filter by supplier being assessed.
    3. Owner – Filter by internal assessment owner.
    4. Business Function – Filter by business function engaging the supplier.
    5. Assessment Trigger – Filter by reason for initiating the assessment.
    6. Overall Risk Level – Filter by classified supplier risk level.
    7. Status – Filter by workflow state.
    8. Priority – Filter by assessment priority.
    9. Created Date – Filter by assessment creation date.
    10. Last Updated Date – Filter by most recent update.
  9. Select Apply.
    Matching supplier risk assessments are displayed.

Tag end