Vendor review is a process by which an organization can understand the potential risks of utilizing a vendor’s product or service and an ongoing process to ensure that quality security practices are being maintained continuously. A vendor review process will assess a vendor’s capacity to maintain effective and appropriate security practices and other performance elements critical to an organization’s business. Vendor review is particularly vital when vendors will have access to sensitive internal or customer data. If a vendor does not have security documentation, such as a SOC 2 Report, you can send a security questionnaire from the Vendors page with Vanta.
Generating a Custom Vendor Security Questionnaire
- Select the Settings page from the Vendors tab
- Select +Add questionnaire
- Upload your custom questionnaire with each question listed vertically in the first column. Ensure that all other columns are blank
- Upload files up to 50 MB of the following types: .xls, .xlsx
- Select Upload
Use Vanta's Template
- Select Use Vanta'stemplate
- Our default questionnaire was carefully crafted by Vanta’s security team
- You can view or download the questionnaire by clicking the eye icon, or the download icon
Delete a Questionnaire
- From the Vendors setting page, select the Security Questionnaires tab
- Select the three-dot icon on the questionnaire you would like to remove
- Select Delete
Send a Vendor Security Questionnaire
- Once a security review has been created for a vendor, click into the review and select + Add
- Select Request from Vendor
- Select any documents you would like to request, as well as any security questionnaires you would like the vendor to complete
- An email will be sent to the vendor with a link to a unique page, allowing them to complete questionnaires and upload documents
Updated