How Do I Confirm My Account, Complete Questionnaires, and Respond to Issues?

If your client is using the KCM Governance, Risk, and Compliance (GRC) platform to manage their third-party or vendor assessments, they will create a user account for you to use when completing their questionnaire assessments.

Use this guide for help with activating your new account, completing questionnaires, and addressing any "issues" created by your client.

Jump to:

Activating Your User Account

Completing Questionnaires

• Tips for Answering Questions Individually
• Importing Answers via Assessment Tools
  • File Specifications
  • Instructions for Importing Answers

Responding to Issues

Activating Your User Account

When your client adds your user account to their platform, you'll receive an email inviting you to activate your account. The email will look similar to the image shown below.

Email: Please Confirm Your New KCM Account

Follow the steps below to activate your KCM user account.

1. Click the Activate Your Account link in the body of the email.
   As a safety precaution, always hover over email links before clicking them to ensure the link is taking you to a safe website. If you don't feel comfortable using the email link, you can reach out to your client for the URL.
2. From the Activate User page, enter the unique Activation Code provided in your email.
3. Create a password, then re-type the password in the second field to confirm. Your password must be a minimum of 8 characters. 
4. You'll be redirected to the KCM login page where you'll enter your email address and password.
   However, if your client has not assigned a questionnaire at this time, there's no need to sign in to your account. You'll receive another email once a questionnaire has been assigned to you.

See the next section for details about completing questionnaires in the KCM GRC Vendor Portal.

Back to top

Completing Questionnaires

Once your client has sent a questionnaire to your KCM GRC portal, you'll receive an email notification (click to view an example). Use the link in this email to log in to your portal and complete the questionnaire.

If your organization typically uses answer templates from an industry-standard questionnaire tool such as CAIQ (Consensus Assessments Initiative Questionnaire) or SIG (Standardized Information Gathering Questionnaire), you'll have the ability to upload this spreadsheet file to automate your assessment responses.

×

"A new Questionnaire has been assigned" Email

Close

Follow the steps below to access your questionnaire in the Vendor Portal.

1. Use the link in your notification email to log in to your account. Alternatively, your client can provide the link to log in to your account.
2. Once logged in, you're brought to the Vendor Portal Dashboard. Here you can find the questionnaires your client has assigned, see any issues created as a result of your assessment responses, and view any documents that you've supplied with your assessment responses.
   To begin the assessment, click the Questionnaire name from the Questionnaires portion of the Vendor Portal Dashboard, as shown below.
   
3. Depending on whether your client has used a questionnaire template (such as CAIQ or SIG), you may have two options for answering the questions.
   See the applicable section below to learn more:
   • Tips for Answering Questions Individually
   • Importing Answers via Assessment Tools (for SIG or CAIQ questionnaires)

Back to top 

Tips for Answering Questions Individually

See below for helpful tips for responding to your questionnaire assessments.

Tip #1: IMPORTANT: As you respond to questions, you must use the Save Answer button to save each of your answers.
You will not be able to finalize or submit your questionnaire until you've saved each response. Also, if you need to finish the assessment at a later time, only the saved answers will be saved for your progress.

Tip #2: Use the Add Comment and Attach File buttons to add additional notes or supporting files to your responses.

Please note that comments are limited to 1000 characters. 
Please note the file limitations for files attached to individual questions:

• File Size: Maximum of 5 MB (not applicable for imported responses)
• File Name: Maximum of 250 characters (including the file extension)
• Accepted File Types: .png, .jpg, .jpeg, .gif, .bmp, .tif, .tiff, .pdf, .txt, .rtf, .eml, .msg, .csv, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .zip, .gzip, .7z, .gz, .tar, .tgz, .nrl

Tip #3: To replace or remove an attachment, or to edit a comment you've added, click the Edit button, then click Yes when prompted.

Tip #4: To ensure you've addressed all of the assessment questions, toggle between the question sets using the Sections menu on the right-hand side, as shown below.

The fraction to the left of each section represents the questions you've answered/total questions in the section.

Tip #5: Questions with answers presented in a checkbox format allow you to choose more than one answer.

Example: Checkbox Answer Format

Tip #6: The free-form answer fields hold a maximum of 1000 characters. If you need additional room for your answer, click the Add Comment button to add a comment with more information.

Example: Free-form Answer Format

Tip #7:Once you're finished, click the Finalize Questionnaire button at the bottom of the page to submit your questionnaire. Once you've clicked this button, your client will receive an email letting them know you've completed the assessment.

Example: Finalize Questionnaire Button

Back to top

Importing Answers via Assessment Tools

If your organization has an official assessment management tool that you use to respond to industry-standard questionnaires such as CAIQ (Consensus Assessments Initiative Questionnaire) or SIG (Standardized Information Gathering Questionnaire), you'll have the ability to upload this file to quickly answer the questionnaire.

File Specifications

The file must be an official assessment management tool produced by one of the following sources: 

• Standardized Information Gathering (SIG) Questionnaire
• Consensus Assessments Initiative Questionnaire (CAIQ)

The assessment-answering tool should be in one of the following file formats:

• XLSX
• XLSM
• JSON

See the next section to learn how to import your answer file to the Vendor Portal.

Instructions for Importing Answers

If your organization typically uses an assessment management tool to respond to industry-standard questionnaires, follow the steps below to import your answer file:

1. From the Questionnaire Submission page, click the Import Answers button toward the top-right.
   
2. From the Import Answers window, select the appropriate questionnaire from the Questionnaire Type drop-down menu.
3. Then, use the Click to Upload button to select your assessment tool answer file.
   
   

   Note:

   For more information about the types of assessment tools that you can import, see the File Specifications section, above.
4. All of the questions you've addressed in your answer template spreadsheet will populate in the Import Answers window (shown below). You can use the Click to Upload buttons if you need to upload a file to support your response to a question. Click the trash can icon button to delete any answers you don't want to import. If you've added comments to your answer template they will transfer to the KCM portal.
   
5. Once you're satisfied with the answers you're uploading, click the Save button at the bottom of the window.
   

   Tip:

   After you've uploaded responses, if you need to edit an answer, add comments, or attach a file to a response: Make the necessary changes in your answer template, then re-import the file. From the Import Answers window, use the Click to Upload buttons to attach files to your answers.

6. Once all of your answers have been imported, or manually addressed, click the Finalize Questionnaire button at the bottom of the page to submit your assessment. Your client will receive an email at this time, letting them know the questionnaire is ready for review.

Back to top

Responding to Issues

Your client can create "issues" for your assessment responses if they are unsatisfied with your answer or if they need more information. The purpose of an issue is for further communication with your client.

You'll receive an email notification if issues are created for one or more of your questionnaire responses.

See the instructions below for responding to issues:

1. Log in to your KCM account using the link in the email notification you received when your client created an issue.
2. You can see the open issues from the Vendor Dashboard or by clicking Issues from the navigation panel on the left-hand side of your account, as shown below.
   
3. All open issues will be listed. Click on the issue description to open the issue.
   
   

   Note:

   Each issue will have one of the following priorities: Minor, Moderate, High, or Critical.
4. From the Issue Details page, read the client's Issue Description. Below this description, you'll see the original assessment question that is being referenced in the issue.
   
5. Use the Response field to type your response to the Issue Description. Responses have 1000 character maximum.
6. Then, click the Save Response button to submit your response.
7. If you need to provide a file to satisfy the issue, use the Click to Upload button on the left-hand side of the Issue Details page. Please note, any files you've previously supplied for this assessment question will be replaced.
   

Once you submit your issue response, your client will receive an email notification letting them know you've responded. You will also receive an email each time your client sends a subsequent response for the issue.

Continue to communicate with your client until they close the issue. You can see closed issues from the Issues section of your console, under the Closed Issues (#) tab, as shown below.

Back to top