FAQ
- Can I bulk download policies?
- What is the difference between self assessment & one time assessment?
- AD scan error
- How does Cynomi calculate the posture score?
- What is the scores profile target based on?
- How can I remove an assessment module?
- How can I see the assessment notes?
- Is it possible to mark a domain/policy out of scope?
- Microsoft Secure Score Error
TPRM
- What is the scope of the TPRM feature?
- What is Cynomi's value proposition for the TPRM feature?
- How does Cynomi’s TPRM compare to dedicated TPRM platforms?
- Why is managing third-party risk important?
- What gap does the Cynomi TPRM feature fill?
- How does Cynomi's TPRM support visibility into vendor risk?
- What’s the difference between the Impact assessment and the security assessment?
- How is vendor risk calculated?
- What is the difference between inherent risk and residual risk, and when should each be updated?
- What is the purpose of the final vendor rating?
- Can users adjust the weighting of questions in the impact questionnaire?
- Can uses set impact-question weights default at the Service provider level?
- What does the vendor risk heat map illustrate?
- Can Service providers use custom questionnaires?
- Do the questionnaires apply to non-technical vendors?
- If a vendor re-submits a questionnaire, is the previous version saved?
- Who has permissions to create and edit vendors within the platform?
- What's the benefit of having shared vendors at the service provider level?
- Can I delete a vendor (e.g., after switching suppliers)?
- What is the recommended workflow for adding vendors?
- Can security assessments created under the shared vendors section (at the service provider level) be modified from the sub-account view?
- Can users convert a sub-account vendor into a shared vendor (or vice-versa)?
- What happens if a vendor gets multiple invites from different Accounts and Sub accounts?
- Is the vendor user automatically deleted after completing their assessment?
- Does the vendor assessor role appear even if TPRM is not activated?
- Can vendor users see their calculated risk results?
- Can vendor assessments cover multiple products (e.g., Microsoft 365 vs. Azure)?
- Can vendors log back in and change answers after submission?
- Can users be re-invited once removed from the questionnaire?
- Can internal users add a user to an existing assessment even if they started by selecting it and starting themselves?
- What happens if I remove a user’s access from a questionnaire?
- What happens to submitted answers when removing access or inviting users?
- Can users export TPRM reports?
- Are we supporting reports that let us pick specific vendors and serve as a mini trust-center?
- Does completing TPRM automatically close Service-Provider & Vendor-Management policy tasks?
- Does the feature allow users to record a mitigation plan?
- Why don't we automatically link tasks to vendor assessment results?