Risk Tiers
Understand Critical, High, Medium, and Low vendor risk tiers and how they affect compliance workflows.
Risk tiers classify vendors by the level of risk they pose to your organization. The tier determines notification frequency, dashboard priority, and reporting visibility.
The Four Tiers
Critical
Vendors whose non-compliance could cause severe financial or legal exposure. Examples: general contractors, primary subcontractors on large projects, high-hazard trades.
- Expiration reminders: 90, 60, 30, 14, and 7 days before expiration.
- Dashboard: Always visible in the priority compliance widget.
- Reports: Highlighted in all compliance reports.
High
Vendors with significant but manageable risk. Examples: specialty subcontractors, security firms, elevator maintenance.
- Expiration reminders: 60, 30, and 14 days before expiration.
- Dashboard: Visible when non-compliant or expiring soon.
Medium
The default tier for most vendors. Examples: cleaning services, landscaping, general maintenance.
- Expiration reminders: 30 and 14 days before expiration.
- Dashboard: Visible when non-compliant.
Low
Vendors with minimal risk exposure. Examples: office supply delivery, vending machine services.
- Expiration reminders: 14 days before expiration.
- Dashboard: Only visible when filtering specifically for Low tier.
Assigning Risk Tiers
Individual Assignment
- Open the vendor's detail page.
- Click the Risk Tier dropdown.
- Select the appropriate tier.
During Bulk Import
Include a risk_tier column in your CSV with values: critical, high, medium, or low.
Via Bulk Operations
- Select multiple vendor records on the Records page.
- Click Change Risk Tier in the bulk action toolbar.
- Select the new tier and confirm.
Tier Changes Are Logged
Every risk tier change is recorded in the record timeline with the previous tier, new tier, and the user who made the change.
Need more help?
Browse our help center or reach out to our support team.