<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=691116991096043&amp;ev=PageView&amp;noscript=1">
Skip to content
  • There are no suggestions because the search field is empty.

🛠 Create Your Own - MarketIQ Monitoring & Escalation Workflow

Create a workflow for the autonomous risk monitoring of your vendors.

 Safeguard Compliance

Estimated Read Time: 13 Minutes

 Estimated Configuration Time: 30 - 55 Minutes

Requires Market IQ

Sections in this article:

Note: If you only have Market IQ Lite and want to learn more about   Market IQ Advanced features, please contact your Customer Success Manager or reach out to our Customer Success Team to discuss upgrading.

Introduction

This workflow automates monitoring your vendors for any financial or cybersecurity risks.

Once you have connected a vendor to one of our Market IQ modules,  the workflow uses the live data to trigger reviews when risk scores change.

Workflow Diagram: XML / PDF

 

 

Mandatory Configuration

The steps in this section outline the essential setup required to make your workflow fully functional. 

The ⬇️ Additional Configuration ⬇️ section covers optional additions to expand the scope of your process or tailor the workflow to better align with your organisation’s unique policies, procedures, and Gatekeeper subscription features.

Add the Template

To get started, you'll need to add the template workflow:

  1. From the navigation menu, click Workflows.
  2. Click Add, then select Workflow Template.
  3. Click Create on the 📉 Market IQ Escalation 📈 template.
  4. Amend the title if needed, then click Create.

Configure the Trigger/s

You'll need to configure the triggers to set the conditions for when vendors will be triggered onto the workflow:

  1. From the navigation menu, click Workflows.
  2. Expand the 3 dots on the relevant workflow, then select Workflow Triggers.
  3. Click ➕ ADD TRIGGER
  4. Enter a name, then click Create.
  5. To set your workflow trigger conditions, click + ADD.
  6. Select the field that will trigger the workflow, then select the operator and value.
  7. Click Create. Repeat these steps if the trigger requires multiple conditions.

 For Market IQ Financial, it's recommended to build a trigger with the following conditions:

Field

Operator

Data Value
Vendor / Market IQ | Financial / Credit Rating / Trending n/a Down
Vendor / Market IQ | Financial / Credit Rating one of C, D, E
Vendor / Status one of Pipeline, Live

For Market IQ Cyber, it's recommended to build a trigger with the following conditions:

Field

Operator

Data Value
Vendor / Market IQ | Cyber / Security Grade / Trending n/a Down
Vendor / Market IQ | Cyber / Security Score less than 75
Vendor / Status one of Pipeline, Live

Note: Each individual trigger operates with AND logic, so the examples above must be configured separately.

You can also add triggers that are specific to certain vendor types, for example you could set up an additional trigger such as:

Field

Operator

Data Value
Vendor Type one of Critical
Vendor / Market IQ | Cyber / Security Grade n/a Trending Down
Vendor / Market IQ | Cyber / Security Score less than 85
Vendor / Status one of Pipeline, Live

In this example, vendors marked as critical are held to a higher standard, so their threshold for entering the review workflow is lower than for other vendors.

Create Workflow Group/s

Next, you'll need to create a workflow group for users responsible for reviewing vendors. For this workflow, it's recommended to create a centralised Risk/Vendor Management team, and if required: 

  • For Market IQ Cyber: An InfoSec Team
  • For Market IQ Finance: A Finance Team
  1. From the navigation menu, expand Settings then click Users.
  2. Click Add then select Workflow Group.
    add wf group
  3. Enter a title and, if useful, an optional description, then click Save.
  4. Expand the 3 dots on the newly created group, then select Edit.
    edit group
  5. Click Add Member.
    add wf member
  6. Select the user from the dropdown list then click Save.
  7. Repeat steps 5-6 until all group members have been added.

Assign Phase Owners

Now that the workflow groups have been set up, you'll need to assign them as phase owners.

  1. Click the Vendor & Risk Management Review phase to edit it.
  2. From Form Access, select the radio button for the responsible users/groups. This could be your Vendor Management Team and/or the specific team responsible for the risk (e.g. InfoSec for Market IQ Cyber or Finance for Market IQ Financial).
  3. Repeat these steps for the following phases:
    1. Holding Phase | Monitoring
    2. Offboard Vendor

Note: The Internal Vendor Manager Review phase is already configured to be owned by the Internal Vendor Owner, with a backup owner being the Card Creator.

Amend Email Notifications

The template is designed for monitoring vendor risks from the Market IQ Financial or Market IQ Cyber data. Therefore, you'll need to adapt the notification emails to ensure the phase owners have the relevant details.

  1. Click on the phase where you want to edit the notification content.
  2. From Notifications, click the pencil icon for the Email Template for any of the enabled notifications.
  3.  Delete the tag and the word OR from the line below if it doesn’t apply to your workflow:
    1. {{ market_iq_financial.summary }}  OR  {{ market_iq_cyber.summary }}
  4. Add any other context as necessary for your review process, then click Update.

Add the Market IQ Metadata to the Form

Next, you need to add the Market IQ data to the workflow form:

  1. Click the start phase to edit it.
  2. From Form, click ADD SECTION.
  3. Enter a Name e.g. Market IQ Financial Data.
  4. Select the following from the dropdown lists:
    1. Predefined: Vendor
    2. Custom Data Group: Market IQ  | Financial
  5. Click Save.

If required, click REORDER to drag and drop the new section to a different position in the form:

Note: Once you added, this form section will be Read Only by default on all phases. If required, you can change it to Hidden for phases where the Market IQ values shouldn't be shown to users (e.g. on the Vendor Portal phase).

 

Configure the Form Questionnaires

There are three custom Form Sections in the workflow. These are designed to capture context, feedback, or decisions from users during the review process.

Expand each section to learn more:

Vendor Owner Questionnaire

Purpose: Capturing feedback from the Internal Vendor Manager. The pre-existing [Yes/No] field allows them to escalate this review form to the vendor for more details.

Suggested Additions:

  • How important/healthy is our relationship with this vendor? [Multiline freetext]
  • How important is the service they provide to us? [Multiline freetext]
  • What is your desired outcome if the issue/risk is too large for us to accept? [Multiline freetext]

 

Vendor Portal Questionnaire

Purpose: Capture feedback directly from the vendor being assessed. This gives them the opportunity to provide additional context or reassurance about the new risk.

Suggested/Example Additions:

  • Were you aware of this recent incident? [Yes/No]
  • Is there any context about the risk we should know? [Multiline text]
  • What policies/procedures were in place to mitigate this issue? [Multiline text]
  • What steps are being taken to mitigate/remedy this issue? [Multiline text]
  • What steps are being taken to prevent a re-occurrence? [Multiline text]

 

Internal Decision

Purpose: Capture the actions from the main vendor/risk management decision makers.

Suggested/Example Additions:

  • Notes (if vendor will be off-boarded) [Multiline text]
  • Notes on reasons the risk can be accepted [Multiline text]
  • BCP/Risk Planning Document [Attached file]

 

To edit the questionnaires:

  1. Click on the start phase of the workflow to edit it. 
  2. From Form, within the Section you wish to amend:
    1. Click ➕ ADD FIELD to include additional questions in the form.
    2. Expand the 3 dots on a field, then click the pencil icon or delete icon to amend existing fields.

 

🛠 Additional Configuration 🛠

This section covers optional steps to adjust the workflow’s scope or default settings, helping you tailor it to your organisation’s needs.

Remove the Vendor Portal Review

The workflow template includes an option to involve vendors in the review process when a risk arises, to get their input before taking action.

However, if your Gatekeeper subscription does not include the Vendor Portal, you can remove this step to make the workflow internal-only.

Part 1 - Remove Transitions Pointing to the Vendor Review Phase
  1. Click the Internal Vendor Manager Review phase to edit it.
  2. From Transitions, click the delete icon on the Submit | Escalate to Vendor transition.

Delete transition

Part 2 - Remove the Associated Form Questionnaire
  1. While still on the Internal Vendor Manager Review phase, navigate to Form.
  2. Click the delete icon on the VENDOR PORTAL QUESTIONNAIRE form section, then click Delete to confirm.

    Delete transition
  3. In the VENDOR OWNER QUESTIONNAIRE section, delete the fields for Context and Should we escalate...?.
    delete VP fields

Part 3 - Archive the Phase

Click the Vendor Review phase, then click Delete.

delete VP phase

Additional Setup Outside the Workflow

If you’ve followed all of the steps above, your workflow is nearly ready to launch. However, to help the process run as smoothly and reliably as possible, there are a few additional areas of your Gatekeeper tenant worth reviewing.

Connect Vendors to Market IQ

Vendors cannot be monitored for risk reviews via this workflow if they are not connected to Market IQ.

Connect a Vendor to Market IQ Financial
  1. Navigate to the relevant vendor record, then click the Market IQ tab.
  2. From the Market IQ Financial section, click Connect.
    MIQ Financial connect-1
  3. Enter the details for the vendor, then click Find. If no results are found, ensure the vendor details are correct and search again. 
    MIQ financial find
  4. Review the Company Name and information from the list of results, then click Apply. A confidence score is returned in the case of multiple results.
    apply MIQ Financial-1

 

Connect a Vendor to Market IQ Cyber

To connect a vendor to Market IQ Cyber, you need to ensure the Website field is populated for the vendors you wish to monitor. This will connect them automatically.

Note: To ensure new vendors are connected, it's recommended to embed this within your vendor onboarding process. If you do not have one, see 📖 Create Your Own - Vendor Onboarding Workflow

Populate Internal Vendor Managers

The first phase of this workflow works best if the appropriate Vendor Manager is assigned and notified that one of their relationships is showing a new risk. Therefore, it's recommended to ensure that vendor records have an internal owner assigned.

  1. Open a vendor record which has no internal owner.
  2. ClicEdit and navigate to the Owners section.
  3. Select the relevant user from the internal manager dropdown then click Save & Exit.

Note: If multiple vendors need to be assigned owners, it's recommended to use bulk update to do this efficiently.

Add Vendor Users

If you are using the Vendor Portal to request input from vendors, you should check that vendors have at least one activated Vendor Portal user.

  1. Open a vendor record which has no vendor users.
  2. Click Add then select Vendor User to add a new contact.

Note: If you want to invite them to the Vendor Portal straight away, you can select the Invite into Gatekeeper checkbox before clicking Save. Otherwise, the workflow will automatically invite them into Gatekeeper if a card lands on the Vendor Review phase.

You can also see a full list of all vendor users in your tenant, and bulk import users:

  1. From the navigation menu, expand Settings then click Users.
  2. Click the Vendor Users tab.

vendor users list-1

⚡️Getting Started⚡️- Activate the Trigger

Once your workflow is fully configured, simply activate the triggers to make it live:

  1. From the navigation menu, click Workflows.
  2. Expand the 3 dots on the relevant workflow, then select Workflow Triggers.

  3. Click to open the trigger.

  4. Click the  pencil icon on Trigger Status.
  5. Select Live from the dropdown list, then click Update.
  6. Repeat steps 3-5 for all triggers.

Any vendors connected to Market IQ will automatically begin the risk review process when there is a drop in their scores in line with your trigger conditions.

 

Additional Reading 📚

  • Market IQ Financial - Learn about the data available within our CreditSafe integration module
  • Market IQ Cyber - Learn about the data available within our Security Scorecard integration module
  • ⚡️Vendor Portal Expert - Invitation Emails - Review how to set clear expectations with vendor users from the outset and operate with transparency in all your new relationships
  • ⚡️Testing Triggered Workflows - Learn how to manually trigger test cards for this workflow to test out the process before switching on the real triggers.