Inspiration

We have another app on the Atlassian Marketplace selling to IT and security teams, and from our conversations we've learnt that managing vendor security assessments is a massive pain point for those teams. Companies waste countless hours manually sending questionnaires, chasing responses, and coordinating reviews across different teams. We were inspired to build this after seeing how much time these teams spend on repetitive vendor assessment tasks that could be automated. We also experienced the pain as vendors having to fill out lengthy questionnaires and wanted to improve that process using AI.

What it does

The app streamlines the entire vendor security assessment process within Jira. It automatically pulls in vendor procurement requests, uses AI to help pre-fill questionnaire responses and identify potential risks, and manages follow-up questions with vendors. Everything is tracked in one place with a clear audit trail.

How we built it

We built this as a native Jira app using Forge to ensure deep integration with existing Jira workflows. The AI component leverages large language models trained on security questionnaires to assist with response generation and risk identification. We focused heavily on the user experience to make it feel like a natural extension of Jira rather than a bolt-on tool.

Challenges we ran into

We initially wanted to use Forms in JSM to build the questionnaires and send those to vendors. However, we found some gaps with the Forms API which became a blocker for us, and so we had to re-evaluate our approach. In addition, this was our first time building an AI app, so there was a learning curve involved there. We had to ensure the AI suggestions were accurate and helpful and make sure it wasn't hallucinating.

What's next for AI Vendor Risk Assessment for Jira

We're excited to have customers use this and see how much time this saves IT teams while improving the quality and consistency of vendor assessments.

We plan to add more automation capabilities, enhance the AI risk identification, and expand integration with popular vendor security questionnaire formats. We're also looking to add features for ongoing vendor monitoring and automated reassessment triggers.
