Skill

tprm-scorer

Calculates vendor risk scores using inherent (data sensitivity, access level) and residual (certifications, audits) factors. Assigns Critical/High/Medium/Low ratings with comparisons, trends, and recommendations.

security

npx claudepluginhub grcengclub/claude-grc-engineering --plugin grc-tprm

Popularity

Parent stars

256

Parent forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/grc-tprm:tprm-scorer

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadWrite

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Calculates and manages vendor risk scores.

SKILL.md

51 lines · ~320 tokens

Similar Skills

vendor-risk-scoring

Scores vendor privacy risks with weighted factors: data volume, sensitivity, transfer locations, certifications, breach history, control maturity. Assigns tiers for processor oversight under GDPR.

4 files

privacy-skills-complete

vendor-assessor

256

Conducts vendor security assessments evaluating posture, risks, and generating reports with recommendations. Supports onboarding, periodic reviews, incident response, and due diligence.

4 tools

grc-tprm

risk-scoring

Quantify risk using likelihood and impact, apply severity ratings, and prioritize mitigations. Use when prioritizing threats, allocating security budget, and communicating risk to leadership.

threat-modeling

Stats

LanguageJavaScript

Parent stars256

Parent forks49

MaintenanceGood

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

TPRM Risk Scorer

Calculates and manages vendor risk scores.

Capabilities

Risk Scoring: Calculate inherent and residual risk

Rating Assignment: Assign risk ratings (Critical/High/Medium/Low)

Trend Analysis: Track risk score changes over time

Peer Comparison: Compare vendors in same category

Scoring Methodology

Inherent Risk Factors (40%)

Factor

Weight

Data Sensitivity

15%

System Access Level

10%

Business Criticality

10%

Regulatory Impact

Control Risk Factors (60%)

Factor

Weight

Security Certifications

15%

Questionnaire Score

20%

Audit Findings

15%

Incident History

10%

Risk Rating Thresholds

Rating

Score Range

Review Frequency

Critical

80-100

Quarterly

High

60-79

Semi-Annual

Medium

40-59

Annual

Low

0-39

Biennial

Output Formats

Risk scorecard

Rating justification

Treatment recommendations

Monitoring requirements

TPRM Risk Scorer

Calculates and manages vendor risk scores.

Capabilities

Risk Scoring: Calculate inherent and residual risk
Rating Assignment: Assign risk ratings (Critical/High/Medium/Low)
Trend Analysis: Track risk score changes over time
Peer Comparison: Compare vendors in same category

Scoring Methodology

Inherent Risk Factors (40%)

Factor	Weight
Data Sensitivity	15%
System Access Level	10%
Business Criticality	10%
Regulatory Impact	5%

Control Risk Factors (60%)

Factor	Weight
Security Certifications	15%
Questionnaire Score	20%
Audit Findings	15%
Incident History	10%

Risk Rating Thresholds

Rating	Score Range	Review Frequency
Critical	80-100	Quarterly
High	60-79	Semi-Annual
Medium	40-59	Annual
Low	0-39	Biennial

Output Formats

Risk scorecard
Rating justification
Treatment recommendations
Monitoring requirements

tprm-scorer

Popularity

Invocation

Tool Access

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

tprm-scorer

Popularity

Invocation

Tool Access

Context Preview

SKILL.md

TPRM Risk Scorer

Capabilities

Scoring Methodology

Inherent Risk Factors (40%)

Control Risk Factors (60%)

Risk Rating Thresholds

Output Formats

Similar Skills

Help us improve

TPRM Risk Scorer

Capabilities

Scoring Methodology

Inherent Risk Factors (40%)

Control Risk Factors (60%)

Risk Rating Thresholds

Output Formats