Using Vendor Mgmt Workspace for TPRM and Security Scorecard

Cheryl ODell · ‎02-03-2025

Hi all,

We have recently implemented Third-party Risk Management (TPRM) and are looking at possible risk intelligence providers. We have a demo with SecurityScorecard and have installed/configured the SecurityScorecard for Vendor Risk Management integration in our DEV environment. We can see the scores of vendors we sync up with SecurityScorecard from the classic view, but cannot see the scores from the Vendor Management Workspace view. I like how quickly we get the scores from SecurityScorecard based on a couple of other providers we've looked at - but it's imperative that the score is available to view from the workspace view. Has anyone else had issues with this or can anyone offer some guidance of what to do? I've been scouring ServiceNow and SecurityScorecard documentation and not having much luck. Thanks in advance for any advice!

Connor Levien · ‎02-04-2025

Hey @Cheryl ODell, I believe you have to put the SecurityScorecard results into the risk intelligence scores table for it to appear on the workspace. If you are using Security Scorecard they maintain their integration with ServiceNow and they should be able to update their integration to support the workspaces.

Alternatively you can also configure it following the below guide

https://www.servicenow.com/docs/bundle/xanadu-governance-risk-compliance/page/product/grc-vendor-ris...

Once the data is put into the Risk Intelligence Scores table it should appear on the workspace

Cheryl ODell · ‎02-07-2025

Thank for the info; I did look through the article. I talked to SecurityScorecard, and there is a scheduled job that runs once a day which syncs it into the Workspace. The job is SecurityScorecard for Third-Party Risk Management Daily Run. I ran execute now after first syncing with SSC, and it showed up in the workspace.