vendorapp logo

Docs

Sign in

Add/Manage Contracts

Who can add and manage contracts

All users in Vendorapp can add contracts to vendors. However, managing contracts (editing, transferring, cancelling) is role-based.

  • Agents can view and manage all contracts but cannot rename or cancel contracts unless they are the contract owner.

  • Contract Owners have full control over the contracts they added, including:

    • Renaming the contract
    • Transferring ownership (with restrictions)
    • Adding stakeholders
    • Requesting cancellation

  • Stakeholders can view the contract and contract value.

  • Viewers can see contract names only if they are stakeholders, but cannot perform any actions.

If a contract owner no longer has an active contract, they revert to viewer access for that vendor.

Viewing the contract list

To view contracts:

  1. Navigate to the Vendor View for a specific vendor.
  2. Select the Contracts tab from the left menu.

You'll see a list of all contracts associated with that vendor, with the following columns:

  • Document Name
  • Owner
  • Value (obscured unless you have access)
  • Access Risk (ARR: Low, Medium, High)
  • Expiry Date
  • Actions (...)

Clicking on a contract opens it in a new browser window (if permitted). If you don't have access, the contract value will show "$ Hidden", and you will not be able to click the contract link.

Adding a contract

To add a contract:

  1. Go to the Contracts tab under a vendor.
  2. Click the "Add contract" button (top-right).

Add contract modal showing upload interface

  1. Upload the contract by dragging the file or clicking Upload contract.

  2. Vendorapp intelligence will automatically extract key contract data, including:

    • Contract Type
    • File Name
    • Start Date and End Date
    • Renewal Deadline
    • Contract Status (Active/Archived)
    • Currency and Total Contract Value

Add contract modal showing extracted contract data

⚠️ If the contract has no end date, the following fallback rules apply:

  • NDA: Archived after 36 months.
  • All other contracts: Archived on expiry date or 12 months from start date, whichever is sooner.

After confirming the extracted contract data, click Continue to move to the ARR workflow.

Access Risk Rating (ARR)

Once the contract details are confirmed, Vendorapp will initiate the Access Risk Rating (ARR) process:

  • The user will be presented with up to 5 questions, one per screen.

  • Questions are dynamic and based on the contract type and extracted data.

  • Responses determine the ARR: Low, Medium, or High.

ARR influences whether the vendor is marked as having System Access on the Vendor Overview page.

  • Low ARR: No system or premises access.
  • Medium/High ARR: Indicates elevated access risk.

The final ARR result is shown in a modal once the questions are complete.

Contract added confirmation modal

Contract actions: rename, transfer, stakeholder management, cancel

Each contract row includes a ... menu with different options based on the user's role:

Contract table showing

Rename Contract

  • Available to the contract owner only
  • Opens a modal to update the contract name

Transfer Contract

  • Available to contract owners and agents
  • Not allowed within 60 days of expiry or after the renewal deadline
  • The recipient must be an existing user or will be sent an invite if not in Vendorapp
  • Contract becomes active for the recipient only after login and acceptance
  • Notifications are sent to both the original and new owner

Add Stakeholders

  • Available to contract owners and agents
  • Opens a modal to invite a stakeholder by name or email.
  • If the stakeholder is new to Vendorapp, an invite is sent
  • Stakeholders gain visibility into the contract value and document.

Cancel Contract

  • Available only to the contract owner
  • Opens a modal to request contract cancellation with two options:
    • Company direction changed (no breach required)
    • Issue with vendor's product/service
      • Requires linking to a Concerning breach that has been acknowledged.

⚠️ Contracts with no breach or without an acknowledged "Concerning" breach cannot be cancelled due to vendor performance.

Filtering Contracts

At the top of the Contracts list, a dropdown filter allows users to view:

  • Active
  • Archived
  • All

Contracts that are archived cannot be deleted — they remain for recordkeeping.

Additional logic and plan limits

  • If a user reaches their plan limit for active contracts:

    • Attempting to add a new contract will trigger a warning:

    "Plan limit reached, upgrade plan."

  • Only users with permission can view contract values and access documents.

  • If a contract is added with no end date and a $0 value, it is auto-archived after 12 months.

  • If no active contract exists for a vendor after 60 days, the vendor is automatically disabled.

  • Cancelled contracts are archived using the Confirm cancellation flow by agents.

  • Agents receive notifications to close or archive contracts based on expiry or renewal settings.