Vendor Risk Management Software
ID: RFI 31701-03813 • State: Tennessee
Opportunity Assistant
Loading
Description
Background
The State of Tennessee, through its Department of Finance & Administration, Strategic Technology Solutions (STS), is issuing this Request for Information (RFI) to identify a vendor risk management software platform. The goal is to support the full lifecycle of third-party risk management, which includes vendor onboarding, due diligence, continuous monitoring, compliance management, and offboarding.
This RFI aims to gather detailed information from qualified vendors about their Vendor Risk Management (VRM) solutions to assess market capabilities and align with operational and regulatory requirements.
Work Details
The State seeks information on software solutions that meet the following business requirements:
1) Vendor Onboarding & Due Diligence: automated workflows for onboarding, customizable due diligence questionnaires, risk tiering based on vendor criticality;
2) Risk Assessment & Scoring: configurable templates aligned with industry standards, multi-dimensional risk scoring;
3) Continuous Monitoring: all-source monitoring of vendor risk posture;
4) Contract & SLA Management: centralized repository for contracts, tracking SLA compliance;
5) Workflow Automation: automated workflows for approvals and task tracking;
6) Regulatory Compliance: mapping controls to frameworks like NIST and GDPR;
7) Reporting & Dashboards: customizable dashboards and exportable reports;
8) Integration Capabilities: APIs for data exchange;
9) Vendor Offboarding: secure workflows for offboarding;
10) Pre/Post-Engagement Due Diligence: manage security requirement validation documentation;
11) Enterprise Licensing: ability for multiple agencies to use under one account.
Period of Performance
Responses to this RFI are due by January 8, 2026. The timeline for implementation will be discussed in vendor responses.
Place of Performance
The services will be performed within the State of Tennessee.
Bidder Requirements
Vendors must ensure that all State data remains in the United States. Access to State data is limited to US-based resources only. Any proposed services or products must comply with the State's security policy regarding data handling.
The State of Tennessee, through its Department of Finance & Administration, Strategic Technology Solutions (STS), is issuing this Request for Information (RFI) to identify a vendor risk management software platform. The goal is to support the full lifecycle of third-party risk management, which includes vendor onboarding, due diligence, continuous monitoring, compliance management, and offboarding.
This RFI aims to gather detailed information from qualified vendors about their Vendor Risk Management (VRM) solutions to assess market capabilities and align with operational and regulatory requirements.
Work Details
The State seeks information on software solutions that meet the following business requirements:
1) Vendor Onboarding & Due Diligence: automated workflows for onboarding, customizable due diligence questionnaires, risk tiering based on vendor criticality;
2) Risk Assessment & Scoring: configurable templates aligned with industry standards, multi-dimensional risk scoring;
3) Continuous Monitoring: all-source monitoring of vendor risk posture;
4) Contract & SLA Management: centralized repository for contracts, tracking SLA compliance;
5) Workflow Automation: automated workflows for approvals and task tracking;
6) Regulatory Compliance: mapping controls to frameworks like NIST and GDPR;
7) Reporting & Dashboards: customizable dashboards and exportable reports;
8) Integration Capabilities: APIs for data exchange;
9) Vendor Offboarding: secure workflows for offboarding;
10) Pre/Post-Engagement Due Diligence: manage security requirement validation documentation;
11) Enterprise Licensing: ability for multiple agencies to use under one account.
Period of Performance
Responses to this RFI are due by January 8, 2026. The timeline for implementation will be discussed in vendor responses.
Place of Performance
The services will be performed within the State of Tennessee.
Bidder Requirements
Vendors must ensure that all State data remains in the United States. Access to State data is limited to US-based resources only. Any proposed services or products must comply with the State's security policy regarding data handling.
Loading Map
Loading Map
Overview
Opportunity Type
Request for Proposals (RFP)
Opportunity ID
RFI 31701-03813
Version
1
Response Deadline
Jan. 21, 2026
Past Due
Date Posted
Nov. 20, 2025
Est. Value Range
Experimental
$500,000 - $2,000,000
(AI estimate)
Agency Distribution
Moderate
Source
Source Notes
Source does not have a linkable page for this opportunity. To find the opportunity, go to the Source website listed above and search for the Opportunity ID.
On 11/20/25 State of Tennessee in Tennessee issued Request for Proposals (RFP) Vendor Risk Management Software with ID RFI 31701-03813 due 1/20/26.