Vendor Management System

What is claimed is: 1 . A management server, comprising: a memory comprising rules for managing a vendor; and a processor communicatively coupled to the memory and operable to: identify a product to be supplied to an entity; determine a plurality of risk elements associated with the product by performing a product category-driven risk assessment; perform a transaction level risk assessment for one or more vendors proposed to supply the product to the entity; determine at least one management action for reducing risk for a risk element of the plurality of risk elements associated with supplying the product to the entity by a selected vendor from a group comprising the one or more vendors proposed to the supply the product to the entity, wherein the at least one management action is determined according to results of the product category-driven risk assessment and the transaction level risk assessment for the selected entity; and create a vendor level quality plan for the selected vendor that comprises the at least one management action. 2 . The server of claim 1 , the processor further operable to aggregate the transaction level risk assessment for the selected vendor with any other completed transaction level risk assessments associated with any other products supplied by the selected vendor to the entity. 3 . The server of claim 1 , the processor further operable to create a vendor profile for the selected vendor comprising a residual risk level for the risk element of the plurality of risk elements associated with the selected vendor supplying the product to the entity. 4 . The server of claim 1 , the processor further operable to assign a vendor manager to the selected vendor according to a number of products supplied by the selected vendor and an amount of paid to the selected vendor by the entity. 5 . The server of claim 1 , the processor further operable to execute a control function test using an internal control function associated with an organization within the entity that receives the product supplied by the selected vendor. 6 . The server of claim 1 , the processor further operable to: aggregate the transaction level risk assessment for the selected vendor with another completed transaction level risk assessments associated with another product supplied by the selected vendor to the entity; determine a customized question for assessing risk based on analysis of the aggregated transaction level risk assessments; and utilize the customized question for any additional transaction risk assessments completed for the selected vendor. 7 . The server of claim 1 , wherein feedback of a control function test executed by an internal control function associated with a first organization within the entity is used by an entity control function associated with an entity to modify the control function test executed on a different organization within the entity. 8 . A method for managing a vendor comprising: identifying a product to be supplied to an entity; determining, using a processor, a plurality of risk elements associated with the product by performing a product category-driven risk assessment; performing, using the processor, a transaction level risk assessment for one or more vendors proposed to supply the product to the entity; determining, using the processor, at least one management action for reducing risk for a risk element of the plurality of risk elements associated with supplying the product to the entity by a selected vendor from a group comprising the one or more vendors proposed to the supply the product to the entity, wherein the at least one management action is determined according to results of the product category-driven risk assessment and the transaction level risk assessment for the selected entity; and creating, using the processor, a vendor level quality plan for the selected vendor that comprises the at least one management action. 9 . The method of claim 8 , further comprising aggregating the transaction level risk assessment for the selected vendor with any other completed transaction level risk assessments associated with any other products supplied by the selected vendor to the entity. 10 . The method of claim 8 , further comprising creating a vendor profile for the selected vendor comprising a residual risk level for the risk element of the plurality of risk elements associated with the selected vendor supplying the product to the entity. 11 . The method of claim 8 , further comprising assigning a vendor manager to the selected vendor according to a number of products supplied by the selected vendor and an amount of paid to the selected vendor by the entity. 12 . The method of claim 8 , further comprising executing a control function test using an internal control function associated with an organization within the entity that receives the product supplied by the selected vendor. 13 . The method of claim 8 , further comprising: aggregating the transaction level risk assessment for the selected vendor with another completed transaction level risk assessments associated with another product supplied by the selected vendor to the entity; determining a customized question for assessing risk based on analysis of the aggregated transaction level risk assessments; and utilizing the customized question for any additional transaction risk assessments completed for the selected vendor. 14 . The method of claim 8 , wherein feedback of a control function test executed by an internal control function associated with a first organization within the entity is used by an entity control function associated with an entity to modify the control function test executed on a different organization within the entity. 15 . A non-transitory computer readable medium comprising logic, the logic when executed by a processor, operable to: identify a product to be supplied to an entity; determine a plurality of risk elements associated with the product by performing a product category-driven risk assessment; perform a transaction level risk assessment for one or more vendors proposed to supply the product to the entity; determine at least one management action for reducing risk for a risk element of the plurality of risk elements associated with supplying the product to the entity by a selected vendor from a group comprising the one or more vendors proposed to the supply the product to the entity, wherein the at least one management action is determined according to results of the product category-driven risk assessment and the transaction level risk assessment for the selected entity; and create a vendor level quality plan for the selected vendor that comprises the at least one management action. 16 . The computer readable medium of claim 15 , wherein the logic is further operable to aggregate the transaction level risk assessment for the selected vendor with any other completed transaction level risk assessments associated with any other products supplied by the selected vendor to the entity. 17 . The computer readable medium of claim 15 , wherein the logic is further operable to create a vendor profile for the selected vendor comprising a residual risk level for the risk element of the plurality of risk elements associated with the selected vendor supplying the product to the entity. 18 . The computer readable medium of claim 15 , wherein the logic is further operable to execute a control function test using an internal control function associated with an organization within the entity that recei