T
Tool we use to qualify suppliers
ARAVO
Name of the tool where we sign contracts?
ADOBE SIGN
Who has access in Aravo ?
Every P&G employee has basic access in Aravo – login into aravo.pg.com with your P&G Credentials.
What does TPRM mean?
Third Party Risk Management
How many risks are evaluated in TPRM?
4
What is the best approach if we receive a question related to VMD in the chat?
Redirect the user to the VMD team.
When will Privacy Updates Engagement task trigger?
If we select Approval Recommendation "Out of Scope" in the Privacy Review.
How many days does a supplier have to complete the TPRM Survey?
30 days.
How much time do I have to answer a chat?
5 minutes
Can an Engagement Requester task be reassigned?
No, only Engagement Owner can.
What does 3PIM mean?
Third Party Identity Management
Name 3 contracts applicable to a Data Processor
Exhibit A-B&C
PDHA
Low Risk Agreement.
How is the CSAT Calculated?
Promoters/Total Rating feedbacks
This question is a HIGH Audit Attribute:
Does Privacy Ops initiate required third party tracking and escalation based on market alignment?
No, this attribute is considered as Low
Which files should we upload in ARAVO before closing a case?
Service Confirmation Mail
Legal Confirmation Mail
At what step of the process does the 120 days countdown start?
When all the screeners were completed
I have a process stuck in system task called "Delay 1 - Cybervadis Account Import" for 3 days. Should I raise an incident?
No, this task will be open for 5 working days while CV receives the data from Aravo.
Name of the contract when:
-The supplier is the DATA CONTROLLER
- Supplier shares personal data with P&G
- P&G shares personal data with the supplier
Controller Agreement for exchange of data.
Mention three cases where we can make an Opt Out
Assessments as per related TP
Banks
Government Agencies
Some cases the vendor completed the survey recently so the answers are up to date.
What can a Privacy Ops agent do if it's not possible to identify a business owner or buyer during a TPRM Recurrence?
Complete the TPRM Ops Preview Recurrence task indicating that no business owner/buyer was found to mark the supplier as Not Qualified/Active
I am a GBS Buyer and I need to release a PO urgently for a new vendor. My vendor will have access to PII and provide software. Both teams sent a survey to the company but they didn't reply privacy survey within 30 days.
I will need to initiate a new third party creation because the process was canceled
What is the engagement status left if a vendor doesn't complete the privacy survey in 30 days or the InfoSec/RS survey in 120 days?
Not Approved
If a TPRM Agent closes a chat as "No user response", It can be consider to make a CSAT Fix?
We can NOT make a CSAT Fix
Name 2 requirements to qualify as a supplier as per related TP (GUV)
1.SRO confirmation of the parent code upon which the qualification will be based
2.SRO confirmation of the subsidiaries that should be qualified as per the indicated parent.
3.SRO and supplier confirmation that the contract covers all the subsidiaries.
4.Legal confirmation to qualify subsidiaries as per related TP.
5.Create/edit engagements for subsidiaries.