Configuring relationship context

Calyssa Nowviskie Updated by Calyssa Nowviskie

Relationship context defines the threat surface, controls in scope, and data sensitivity for a vendor relationship.

By configuring context, you describe how your organization works with a vendor—allowing VISO TRUST to tailor assessments, scope relevant controls, and accurately determine inherent risk. This enables a more precise, risk-based approach aligned to modern TPRM practices.

What is Relationship Context?

Relationship context is defined by two key components:

Business Case

The business case represents the circumstances of the partnership—how and why you are working with the vendor.

  • Defines how the vendor supports your business
  • Informs the threat surface
  • Determines which security controls are required

Example: SaaS provider, payment processor, IT support vendor

👉 Learn more about our default business cases

Data Types

Data types represent the information shared within the relationship.

  • Includes data about your organization, employees, or customers
  • Determines data sensitivity
  • Brings additional controls into scope for more sensitive data

Example: Customer PII, financial data, internal business data

👉 Learn more about our default data types

Together, business case and data types:
  • Define the inherent risk of the relationship
  • Determine the controls required to maintain a secure partnership
  • Inform the scope of the assessment

Configure Relationship Context

You can set or update context at any time.

1. Open Relationship Settings

  • Navigate to a vendor relationship
  • Click the ⚙️ gear icon in the header
  • Open Relationship Configuration Settings

2. Define the Business Purpose

Under Relationship Details, enter a short description (1–3 sentences) of how your organization will work with the vendor.

Include:

  • What the vendor provides
  • How your team uses the service
  • What systems or data may be involved
This description helps VISO TRUST understand the relationship and predict the appropriate context, improving accuracy and reducing manual effort.

3. Select Context

  • Navigate to the Context section
  • Select relevant business cases and data types.

These selections determine:

  • Controls in scope
  • Data sensitivity classification
  • Inherent risk level

Predict Relationship Context

VISO TRUST can automatically predict relationship context.

How it works

  • Uses public information and existing vendor intelligence
  • Analyzes how similar vendors are typically used
  • Recommends appropriate business cases and data types
Context is automatically predicted when you Run an Instant Assessment during relationship creation.

Review and refine

  • Edit predicted context at any time
  • Re-run prediction if the relationship changes by clicking "Predict relationship context" in the Relationship configuration settings.
  • View a summary explaining why selections were made

This transparency helps you validate and trust the recommended context.

Why Relationship Context Matters

Configuring the right context enables:

  • Accurate control scoping
    Only evaluate controls relevant to the relationship
  • Faster, more efficient assessments
    Reduce unnecessary questions and manual work
  • Better risk decisions
    Align risk with actual vendor usage
  • Stronger compliance alignment
    Support risk-based approaches required by regulators, where controls are tailored to the nature of each third-party relationship

View Current Relationship Context

You can quickly view the current context of any vendor relationship:

  • Navigate to the vendor relationship
  • Open the Details tab

Here, you’ll see the selected business cases and data types that define the relationship context and drive the associated risk assessment.

How did we do?

Vendor relationship settings

Configuring assessment defaults

Contact