
NJP

August 24' Store Release: What's New for Third-party Risk Management

Import · Aug 15, 2024 · video

Great, so to be respectful of everyone's time, we will get started. The session will be recorded, so if you miss anything or you need to drop early, by all means do so, and it will be posted in the community afterwards, but I'll get into that as we get into the slides.

So, as I noted, everyone's going to be placed on mute. We will record the session and share it in the community forum afterwards. When the session ends, you'll be prompted to fill out a brief survey; we use that information to inform us as to how to improve these sessions moving forward, so please definitely let us know. As noted, the Q&A feature is the best place to ask questions throughout the session, because we can record that afterwards. The chat just goes away, but the Q&A allows us to keep a record of those questions, and if there is need for follow-up, we can do that with you. So definitely, Q&A is your best friend.

Otherwise, I want to get into the applications and updates that are now available in the ServiceNow Store, but first I will go through a few of the other Live on ServiceNow sessions that we have already conducted or that are coming for you. So we did business continuity management and risk management; we are now on the third-party risk management portion of what's coming in our risk products, and upcoming we have four more sessions that go through different areas, mostly of IRM, but then also our independent product, privacy management. So definitely check those out. Later in the session there'll be a QR code where you can sign up for those, or they are available where you signed up for your session before. Marie was kind enough to let me know that we missed off ESG, which is on the 30th of September, so definitely check those out, and we'll get more into the details of third-party risk management right now.

This is our overview slide, so it gives you a detail of what's going to be talked about. There's two slides. We are
introducing a third-party sub-element hierarchy and some visualization features, which are allowing you some more flexibility with how you organize your third parties and how you assess down to a more granular level, so Britney's going to get into that. This allows you to aggregate scores up to the third-party level and to visualize your risk concentration more thoroughly. So if you're looking at things geographically, due to weather, ESG or other global impacts to your third parties, we're letting you get down to a deeper level, so you can do things like assess data centers, or independent people, or products that you're working with with your third parties. So some really cool things to share with you there.

And then also, we are introducing our new risk intelligence framework, which allows you, and us, and the product to ingest some broader risk intelligence content types. So if you think about it, the clearest example is sanction screening, and that's going to allow us to ingest information from different third-party content providers. So that's really exciting for us, and something that people have been asking for. We're also hoping that this IRQ scoring logic will help you streamline your workflow, reduce vendor fatigue, and enable you to trigger assessments at a better level as well for those third parties, based on some of that IRQ logic. So look for those in the demo that Britney is going to share, and I will pass control to Britney, if you'd like to take control of the screen.

Thanks, Ros. Sure, happy to share. All right, so first things first: to Raj's point, I will go ahead and start with the ability to now capture elements. So as Ros indicated, the introduction of this feature, this piece of functionality, is really to allow you to take things down to a more granular level. So when you're interacting with your third parties and you're standing up new engagements, one of the pieces of feedback that we got from you
all is that you were looking for a way to get an additional level of granularity, so that you were able to risk assess not at the entire engagement level but at specific line items or components of that engagement. So if you're contracting a number of services, let's say, you may want to risk assess each one individually and have your score comprise and include some nuance as to the risks associated with each one of those elements. Or if you're engaging with a third party that does business in multiple different locations, you may want to capture those locations as individual elements within an engagement, so that you can identify if there are risks associated with one specific location that may not apply to the others.

And so, in order to facilitate that, we'll go ahead and take a look at where this lives within the process. It is part of the due diligence process now. It is optional for you to include or capture elements from your third parties, but we'll take a look at what it looks like if you do want to include it in your process. So I'm just going to take a look at our due diligence management dashboard here. I've logged in as a vendor risk manager who has access to this, and we can see from his perspective on this dashboard that we actually have this new card here as part of the process for third-party element collection. So we can see that we've got a few different engagements that are in that process. And so this lives in between the IRQ and your due diligence, and if we take a look at the due diligence requests that are already in the IRQ process right before, we can go ahead and drill into one of these and see what it looks like to actually initiate the collection.

So if I drill into this engagement from our data center provider, and maybe we want to engage with them on some on-site data center management services that they provide; let's say maybe they're willing to go in and clean the dust
off of our servers or swap out parts or something like that. And so we want to go ahead and get an understanding of what all those different components that they offer are, and assess risk depending on the level of service that we are contracting with them. So we can see that we have already completed our questionnaire for the IRQ; that's been completed internally. So if we go ahead and close this and then return to the due diligence request overall, we'll see the next step is, as always, you have the opportunity to start your due diligence, but we have the new option, this new button here, to start collection. And if we go ahead and drill into start collection, what this is going to allow us to do is, first, it's going to give us an indicator letting us know that we need to go ahead and add questionnaires to collect those elements. And if we navigate to that, we can see that right from within here we can go ahead and add a questionnaire that is from the collection template category. So this collection template category is really allowing you to send specifically a questionnaire to a third party to collect these different elements or these different components, and we do deliver you some out of the box. You can use these; I've just duplicated one of them and added a little bit of additional color for this demo around data center management services, just to have something to take a look at, and we can go ahead and submit this to our third party.

So if we go ahead and switch over to the perspective of our third-party contact, just let me impersonate that person; his name is Owen Orpin. So if we impersonate this contact and log into his vendor portal, we can see that we've got a couple of different engagements open already, but we'll go ahead and drill into our on-site data center services request, and we can see from within here that we have this item now, this questionnaire specifically around collection. And so from within
here we can see that this is really capturing all of the fields that we need on the organization side, on the procurement side, to populate and define exactly what each of these different elements are. So if I'm collecting a set of data center service offerings, I might want to know several different items about them. Again, this is all up to you, what you include within this questionnaire, within this template, but I want to know the name; I want to understand if there's a retail price associated with this; maybe I want to capture a couple of different components, things like: does this service require access to the white space, does it require access to servers or racks, and do I actually need to log in and access the server digitally as well? And so, depending on all of the different elements that you may want to capture, or the different characteristics of your element that you may want to capture, the vendor can fill all of this out for all of the different offerings.

Now, once you have collected the elements, and like I said, they don't have to be services; these could be locations where you operate, these could be individual contractors, individual people that you're working with, that you may also want to capture at that more granular level and risk assess. So I'm going to fast forward a little bit and show what this looks like once we've got those elements collected and in the system, and switch back over to my view as the vendor risk manager. So if we come back to the vendor management workspace, we can see in the list view that we actually have a new section here specifically for managing your third-party elements. So this is where these will be able to live from within the workspace view. We can see all of them listed here, and to me the most helpful view is this one, where we can actually see the elements by specific engagement requests. So for each of our engagements we
can see what are the specific entities that we're capturing, and then you're actually able to initiate a risk assessment on that individual element. And this is an example here for work faster service outsourcing, where we've just already populated that. So as part of this specific engagement, I now have a more comprehensive understanding of what my risk looks like across different locations, across different products or services or individuals, that then can go into my due diligence process from there. So that's a quick look at the element collection process, to give you that little bit of a preview.

One of the things I wanted to note is, we don't usually talk about pricing and things on this call, but the elements do sit under an engagement, so they're not adding an additional cost to the hierarchy. They sit under engagement specifically, so I do want to call that out. If you do have specific questions about prices, definitely talk to your sales rep, but I just want to make sure that people are aware of that.

Yeah, that is a great point. We do get questions about pricing often, so that's a really good one to kind of head off. It all falls under the engagements category, so that means you get unlimited elements that you may want to include or risk assess as part of your engagements.

All right, so next up are the risk intelligence and IRQ enhancements. So we'll just stay here on the list view and take a look at the risk intelligence report requests. So for those of you who are familiar with the risk intelligence provider functionality, we now offer additional functionality from within the workspace view. So there are now three different ways that you can request a report from an intelligence provider. One is directly here from within the list view, so I could come in and just add a new report request right from within the workspace and start populating who's the provider, what level of report am I looking for from them. I
can request an intelligence report as part of the due diligence process, so as long as I'm at the IRQ or later state, I can request an intelligence report for, let's say, a third party as part of a new onboarding request. Or I can also initiate this directly from within the third party itself, again also right from within the workspace. So if I come to my list of all third parties, let's just say that we want to go ahead and find a third party that we want to request an intelligence provider report from; we can see that we have a new tab here specifically for our risk intelligence report requests. So right from within here we could go ahead and initiate a new request. The nice thing about doing it from within here is that it just defaults a little bit of information for you, specifically the third party itself, and then those results are going to come back and live here within your risk intelligence scores. So again, just allowing you a lot more usability in terms of where does the work, you know, traditionally get done. If we want people to stay in the workspace, if you want to make it easier for your vendor risk managers, for your business users, to put this functionality and these requests where they're doing the work, that's really what this enhancement is designed to support, and just enhance that usability, reduce a few clicks, and put things where people expect them to be.

And can I ask you a question about the ability to order reports? Some of these reports can go upwards of, you know, $10,000, $155,000. What's the best recommendation on how you limit that ability to order reports, or do you put an approval process, or how does that work?

Yeah, so that's a good question. You do need to, of course, have an existing relationship already with your provider, so even though we deliver integrations out of the box, that's still up to you to maintain that and establish those contracts. You do have the ability to
set up specifically within the system what types of reports and the sort of exact category of report you want to order, so that you can limit the access to different types of reports by just making certain ones available, for example. But the best practice absolutely would be to include a level of approval, and really just put that control in place to make sure that somebody has an extra set of eyes to make sure that the request really is necessary, that it's legitimate. Maybe that's conditional based on the level of report that you're requesting, or the third party, for example, but it would be a good idea to build that request into the process.

Can I add something to that? On this particular functionality, we're shipping some out of the box already, the connections with the report providers, and we're also shipping the ability for our customers to connect with their preferred vendor of reports and build this. So you have the ability to interact with as many providers as you want, so long as those providers are able to connect to our APIs and send you the information for the request and the data that comes in. We'll be expanding on these providers out of the box, but for now we have these ones that come out of the box, and the ability for you to build as many as you want based on your business needs.

Thank you. All right, so last up is the enhancements to IRQ scoring. So for this one we are going to step out of the workspace, because it is a little bit more along the lines of configuration, and we're going to go ahead and take a look at our question templates for the IRQ specifically, and we can see where the scoring for this new IRQ functionality really lives. Now, what's really exciting about this is that it is building in some much-needed automation to kind of bridge the gap between your IRQ and your DDQ, and it's allowing you to
combine both your tiering and your, let's see, onboarding; it's allowing you to combine your tiering assessments and individual questions from the IRQ, and allowing that to drive the questionnaires that get sent to your third party. So if we take a look at this template, for example, our general IRQ questions as part of our onboarding IRQ, and we take a look at this question one, we can see that within here we've got this new related list for associated questionnaires. So what this is going to give us the opportunity to do is say: okay, based on the answer to this question in the IRQ, we want to send out this financial-related questionnaire. This is a question around the total spend with this organization, so if it's over a certain threshold, we may want to send out a specific questionnaire. And we can see that this, in this case, is getting sent to the engagement, but you also have the option to send this to the third party as well. And here's where you can see, if we wanted to add an additional relationship, we could say, based on the specific answer to this question, if the response actually matters, and/or if we have a tier associated with this particular third party or the engagement or the IRQ, we can then use that logic to drive the questionnaire that gets sent out. And like I said, it gets sent either to the third party or to the engagement.

So this is, of course, in response to some of the feedback that we've gotten, that customers, that you all, are looking for more control over the scoring within the system in general, and we also wanted to add in that automation so that you can start defaulting the questions that are going to be part of your due diligence process based on the outcomes of the IRQ. So this is a really nice way to kind of combine a few of those different requests and deliver what we believe is going to be some really valuable functionality to help expedite your process and automate this piece of it.
And that is it for what we've got for demos.

Awesome. Let me take control back. I was not expecting that quickly; I was trying to do some community event links, but those are also later in the presentation, which I will get back to as well. So if we get back to the presentation over here, I will share that, and we have a couple of questions that came in, and we can

View original source

https://www.youtube.com/watch?v=-SsfSvjb_dc