On the Vendor page, you can assess the vendors essential to your business's services and then take action: assign ownership and a level of risk, and log each vendor's own security documentation.
To log your vendors:
Simply click on Add a Vendor.
Next, input the company name and URL into the table.
Once the vendor is logged, select the drop-down arrow and fill in the required info:
- Vendor Name
- Website
- Services Provided: What do they contribute to your business? Used to determine the risk.
- Data Stored: What type of data do they store (for example, user data)? Used to determine the risk of the vendor.
- Authentication: What password policy do you require of the vendor?
You'll also need to log who is responsible for the vendor at your company: under Person Responsible for Vendor, select an employee from the dropdown menu.
Next, assign a Risk Level based on the type of data the vendor has access to and the business impact that may result from a failure of their service. (For example, Vanta deems AWS a High-Risk level based on the implications of AWS having a potential security breach and the impact on Vanta's client data and cloud infrastructure.)
Lastly, you'll need to upload security documentation from the vendor. SOC 2 reports, security policies, or other documentation can go here.
Alternatively, select Security Questionnaire and enter the vendor's email to send a pre-built questionnaire. Your vendor's answers will autofill back into Vanta.
NOTE: Once you have completed the Vendor page, you can choose to sort your vendors by Name or Risk Level.
Tada! Vendor management completed!