On the Vendor page, you can conduct an assessment of vendors essential to your business’ services and then take action to assign ownership and level of risk. The Vendor's page also allows you to log each vendor’s own security documentation to ensure compliance.
Accessing the Vendor's Page
- From the left-hand navigation panel select Vendors
- From the Vendors page, you can search for Vendors, filter by status, risk level, and priority, and add new Vendors
- By clicking a Vendor name, you will be brought to the details of that specific Vendor.
Adding & Editing Vendors
- To add a new vendor, select + Add Vendor in the top right-hand corner of the page.
- To Edit a vendor, select the name of the vendor
- You will be prompted to include the company name and company URL. Select Add.
- From here you will be asked to provide:
- General Information: the organization's name, website, account manager, and a list of the services this vendor is providing.
- Ownership: Who at your organization is responsible for managing this vendor
- Security Information
- What data is shared with this vendor?
- Authentication Method: How do users access this platform?
- What is the risk profile of this vendor?
- Security Assessments
- Upload an assessment: Here you can upload any compliance information the vendor has provided to you
- Send Questionnaire: Use Vanta's default questionnaire to obtain security information from the vendor. The questionnaire asks questions about the vendor's security posture and requests additional proof and documentation such as a SOC2 report.
- If you have a custom questionnaire you would like to use, you can upload it when selecting Upload a blank custom questionnaire.
- Additional Information
- Any additional information of note that would be beneficial for your team to know.
Deleting a Vendor
- Select the vendor you wish to delete
- Click More in the top right-hand corner
- Select Delete Vendor