Vanta's Vendor page empowers you to add, edit, and manage vendors effortlessly, all in one place. With this powerful tool, you can conduct comprehensive security reviews that enable your organization to proactively mitigate risk associated with the vendors you utilize.
Accessing the Vendor's Page
- From the left-hand navigation panel, select Vendors
- From the Vendors page, you can search for Vendors, filter by status, risk level, and priority, and add new Vendors
- By clicking a Vendor name, you will be brought to the details of that specific Vendor.
- Vendor Details: the organization's name, website, account manager, and a list of the services this vendor provides.
- Contact Information
- Linked Discovery Applications
With the Vendor Risk Management feature, you can auto-score the vendor's risk through auto-score configuration, or build it from the risk management tab
- Select the Risk Management tab
- Use the drop-down menu to define the vendor category
- Select Save
- Select the edit icons to establish the data processed by the vendor, the criticality of the vendor, the system the vendor has access to, and the ability for the vendor to communicate on behalf of your company
- Using the dropdown, set the risk level for this vendor
A vendor security review is a process by which an organization assesses its third-party vendors' security practices to determine their risk exposure level. This review typically involves evaluating a vendor's security policies, procedures, controls, and technologies to ensure they align with the organization's security standards and compliance requirements.
Upload files: Consider uploading the following documentation
- SOC 2 or SOC 3 report
- ISO 27001 certificate
- Completed security questionnaire
- Data processing agreement (DPA)
- Business associate agreement (BAA)
- Select Send Questionnaire
- Provide the appropriate information
Choose from the following:
- Send Vanta's default questionnaire
- Use a previously uploaded questionnaire
- Upload a blank custom questionnaire
- Upload your security assessment
- Add any notable findings and overall decision
- Security Reviews in progress will be shown on the main vendor's page
Use this space to store documentation about this vendor. For security assessments, Vanta recommends uploading them to a security review to help structure your findings.