For more information about plan types and capabilities, see Vanta's pricing page
Vendor review is a process by which an organization can understand the potential risks of utilizing a vendor’s product or service and an ongoing process to ensure that quality security practices are being maintained continuously. A vendor review process will assess a vendor’s capacity to maintain effective and appropriate security practices and other performance elements critical to an organization’s business.
Vendor review is vital when vendors have access to sensitive internal or customer data. If a vendor does not have security documentation, such as a SOC 2 Report, you can send a security questionnaire from the Vendors page with Vanta.
Generating a Custom Vendor Security Questionnaire
Select the Settings page from the Vendors tab.
Select +Add questionnaire
Upload your custom questionnaire with each question listed vertically in the first column. Ensure that all other columns are blank
Upload files up to 50 MB of the following types: .xls, .xlsx
Select Upload
Use Vanta's Template
Select Use Vanta'stemplate
Our default questionnaire was carefully crafted by Vanta’s security team
You can view or download the questionnaire by clicking the eye icon, or the download icon
Delete a Questionnaire
From the Vendors setting page, select the Security Questionnaires tab
Select the three-dot icon on the questionnaire you would like to remove
Select Delete
Send a Vendor Security Questionnaire
Once a security review has been created for a vendor, click into the review and select + Add
Select Request from Vendor
Select any documents you would like to request, as well as any security questionnaires you would like the vendor to complete
An email will be sent to the vendor with a link to a unique page, allowing them to complete questionnaires and upload documents