By default, Canopy comes pre-configured with two standards:
- Compliance Standard
- ERP Only Standard
The Compliance Standard is the default Standard that all suppliers are measured against. It is the highest level of due diligence available.
In this article you will learn:
Key components of the Compliance Standard
When to use the Compliance Standard
Key components of the Compliance Standard
The Compliance Standard is configured to work as follows:
- The supplier will be risk assessed against each risk type defined in Canopy.
- The risk assessment will identify the potential risks the supplier poses to the business. Risks will be flagged as High, Medium and Low.
- Where risk is identified, the supplier will be asked to explain the risk and provide evidence to mitigate the risk.
- The supplier's responses must be approved before the supplier can be published.
- Critical risk documents may be monitored throughout the supplier lifecycle. If those documents expire, and the supplier does not update them, the supplier will fall non-compliant.
The Compliance Standard includes all the relevant supplier settings, categorisation, classification and ERP settings.
The Compliance Standard will also collect the core information about the supplier, including company details, contact information, banking information and tax details.
When to use the Compliance Standard
The Compliance Standard is the highest standard of due diligence that a supplier can be assessed against. It represents the primary mechanism of onboarding and monitoring a supplier. As such, all suppliers should be assessed against this Standard.
By default on Canopy, all suppliers are set to the Compliance Standard when they are first requested.