Supplier oversight surveillance
When you open the Supplier Oversight module, you will see the Supplier Oversight Surveillance section. This gives you an overview of all actions related to your supplier oversights.
Overdue Oversights: Oversights where the current version deadline has passed and are now overdue.
Scopes with no active oversight version: Oversights where the previous version is completed, but no new version has been created yet. It is recommended to create the next version in order to plan upcoming oversight activities.
Suppliers with no oversight scope: Suppliers that are not linked to any oversight. If a supplier is not relevant for oversight, you can exclude it.
Unread messages: Messages sent by external users that have not been seen or answered by any users from your organisation.
Unhandled findings: Findings that have been created but not yet handled.
Unfinished oversight with completed information collection: Oversights where the supplier has completed evidence and questions, but the oversight has not been marked as completed.
Supplier oversight
Note: The following description is based on the Automatic oversight type, which is the most common approach.
When you work with an active oversight, you have several tabs that show the status of the information collection. From here, you can manage findings and communicate with invited participants from the supplier through the chat feature.
Security evidence
From the Security Evidence tab, you can follow the progress of uploaded files.
You can also upload files yourself if the supplier provides information outside the external platform (for example by email). You can register findings on individual evidence types directly from this tab.
Questions
From the Questions tab, you can see the progress of answered questions.
You can also register findings related to specific questions.
Findings
From the Findings tab, you see an overview of all findings related to the oversight.
You can create new findings and manage existing ones here.
Findings are used to gather observations and risks related to the oversight. Some of the findings might require handling, which can be managed through the status of the finding or in a separate task.
Chat
From the Chat tab, you can communicate directly with invited participants from the supplier. This is useful if the supplier has questions or needs clarification.
Advanced features
Supplier oversights include several advanced features, such as versioning and configurable templates.
Manage versions
When you complete an oversight, you can choose to automatically create the next version by enabling Create next oversight. If you do this, Complychain creates a copy of the completed version and updates the deadline and initial date based on the frequency settings, which is ideal when there are no major changes to the oversight.
You can also manually create a new version. In that case, you go through the configuration flow again, including concept, evidence, participants, and notifications.
Email templates
Administrators can configure the email templates used in oversights.
All four email types can be customized in both Danish and English.
Questionnaire templates
Administrators can create questionnaire templates to be used in oversights.
By default, GDPR and NIS2 templates are available in Danish and English.
Click + Create to define your own templates.
Introduction template
Administrators can also configure the introduction text shown in the external oversight platform. You can edit the text and preview it by selecting View.
Hint: You can use dynamic variables in the templates by applying the "{{ ... }}" syntax with the available variables.
