Engagement Risk Areas, Risk Score, & Risk Level
Each engagement created with a Third-Party within the Third Party Management (TPM) product is scored based on the responses to the questions in the Business Rationale Questionnaire (BRQ) and Due Diligence Questionnaire (DDQ).
Note: Depending on your organization’s specifications during our onboarding, variations in how Risk Scoring works for your organization may exist. The instructions below are meant as a general guideline only.
Risk Score Privilege
To view the Risk Score/Risk Level, an approver or an admin must have one of the following privileges:
| Privilege Name | Description |
|---|---|
| Adjust engagement risk score | Gives the user the capability to view and adjust the risk score assigned to a Third-Party engagement. |
| View engagement risk score | Gives the user the capability to view the risk score assigned to a Third-Party engagement. |
How to View Risk Score & Risk Level within a Request
First, to locate the Risk Score of a particular engagement, click the Risk Score tab within the TPM request.

Answers from both the Business Rationale Questionnaire (BRQ) and the Due Diligence Questionnaire (DDQ) are used to calculate the score for the Risk Areas.

Each Risk Area can be expanded by clicking on the Down Arrow to the left of the Risk Areas. When expanded, the Risk Area scores applied to each question of the BRQ and DDQ are displayed. The third column from the left shows which questionnaire the response was provided in (either the BRQ or the Ethics and Integrity Questionnaire (DDQ)).

The scores for the Risk Areas are then used to calculate the Overall Risk Score and Risk Level.
Note: The Risk Score on the left is used to calculate the Risk Level on the right, with 0 being the lowest possible score and 5 being the highest possible score.

How are the Risk Area, Risk Score, and Risk Level calculated?
Note: The following configurations are possible within the system; however, the specific methodology is configured for your organization during the onboarding process and may vary.
- Each Engagement in the Third-Party Management product must be risk scored. Risk scoring cannot be turned off in the system.
- Questions from both the Business Rationale Questionnaire (BRQ) and the Due Diligence Questionnaire (DDQ) are used to calculate the score for the Risk Areas.
- The default risk scoring configuration takes into account the most commonly used questions across our multiple clients.
- Conditional questions can be included in risk scoring. However, they will be treated as NULL/None.
- Risk Score, Risk Level, or Risk Area cannot be adjusted by a user manually, unless the user has the Adjust Risk Score privilege.
Risk Areas, Profile%, and Profile+ Risk Score Configuration
Tenants can have any number of Risk Areas, which can be named based on Tenant preference.
As a baseline, we offer the following Risk Areas:
- Ethics & Compliance (combined or separated below)
  - Anti-Bribery & Anti-Corruption
  - Animal Welfare
  - Competition
  - Patient Safety
  - Anti-Money Laundering
  - Trade & Export Controls
  - Off-Label Promotion
- Privacy and Information Security (combined or separated below)
  - Privacy
  - Information Security
- Human Rights & Labor
- Health & Safety
- Environment & Sustainability
- Operational & Financial
- Legal
- Financial
- Business Continuity
- Political

Once the Risk Areas are selected by the tenant, the questions from the Business Rationale Questionnaire (BRQ) and the Due Diligence Questionnaire (DDQ) are then mapped to one or more selected Risk Areas.

Next, when configuring an organization's Profile% and Profile+ Risk Score, tenants will be asked to give a score to each Country, Third-Party Type, Business Unit, and more.

In addition to the score, Profile% and Profile+ can be configured to add absolute points to the weight score of answers provided within the BRQ and DDQ. Giving a BRQ or DDQ element an additional score through the Profile+ Components ensures that higher risk scenarios are correctly identified.

The final Risk Results Score of the BRQ and DDQ answers is used to calculate the Risk Area score. Note: If the same question is scored in different Risk Areas, the highest score is applied.

The Overall Risk Score is then calculated based on all the Risk Area scores. The weight of each Risk Area Score is determined by the tenant. For example, 25% Bribery & Corruption, 25% Sanctions & Trade, 30% Information Security & Data Privacy, and 20% Reputational & Legal.

The Overall Risk Score on the left is used to calculate the Risk Level on the right, with 0 being the lowest possible score and 5 being the highest possible score.
