Understanding Subscribers and Default Subscribers
Subscribers are a powerful way to keep key stakeholders in the loop about third-party risk relationships—without needing to assign them as Business Owners. Whether you're part of a risk, security, or procurement team, subscribing to a relationship ensures you stay informed about assessments, risks, and lifecycle changes.
👤 What is a Subscriber?
A Subscriber is an internal contact who receives notifications and updates related to a specific relationship. This can include:
- Assessment status updates
- Risk advisory or breach alerts
- Remediation requests
- Lifecycle events (e.g., upcoming recertifications, expiring documentation)
Unlike the Business Owner - who is the designated owner of the relationship and tied to a Business Unit - Subscribers are purely informational and do not affect risk attribution or relationship ownership.
You can add as many Subscribers to a relationship as you'd like. Some examples of common Subscriber use cases:
- Risk team members monitoring critical vendor assessments
- IT or Security personnel tracking infrastructure suppliers
- Procurement or legal staff monitoring third-party engagements
💡 Think of Subscribers like "Watchers" on a Jira ticket - they stay informed without being the responsible party.
⚙️ What is a Default Subscriber?
Previously, adding a user as a Subscriber required going into each relationship manually - an extremely time-consuming task for organizations with hundreds or thousands of vendors.
To streamline this, we introduced the Default Subscriber setting. You can now designate any internal user as a Default Subscriber via the Users page.
✅ Enabling Default Subscriber
To enable this:
- Go to Settings > Users
- Click the 3 dots and select Edit on the desired user
- Check the box labeled Default Subscriber
- Click Save
🪄 What happens when this is enabled?
- That user is automatically added as a Subscriber to all existing relationships
- They are also automatically subscribed to any new relationships moving forward
- This change is instant and applies platform-wide
🔐 Note: You cannot remove a Default Subscriber from an individual relationship unless you first uncheck the “Default Subscriber” box from their user profile.
👥 Can I have more than one Default Subscriber?
Yes! You can configure multiple Default Subscribers. This is ideal for teams that need broad visibility, such as:
- Centralized risk or compliance teams
- Security operations centers (SOCs)
- Audit and governance groups
📝 Best Practices
- Use Default Subscribers for cross-cutting teams who should always stay informed, regardless of Business Unit.
- Avoid setting Business Owners as Default Subscribers unless they have organization-wide oversight.
- Document who your Default Subscribers are and regularly review this list as your team evolves.
🔄 Managing Subscribers on Individual Relationships
You can still manually add or remove Subscribers on a per-relationship basis unless they are marked as a Default Subscriber.
To manage Subscribers:
- Open any relationship record
- Under Subscribers, add or remove individuals as needed
If you have questions about how to best use Subscribers or Default Subscribers in your risk workflow, reach out to your Customer Success Manager or contact support.
