Due Dilgence Review Module

The due diligence process ensures that your company has a consistent & reasonable approach to vetting its vendor relationships — especially if the vendor is providing a core business function or has access personally identifiable information and/or sensitive corporate information.

It’s not enough to perform diligence during the initial vetting stage of a vendor. Conducting diligence reviews (e.g. assessments to ensure ability to deliver expected level of service, adequate security controls, technology architecture, compliance with ISO 27001, SSAE 16 & SAS 70) throughout the relationship — especially with your critical vendors — is key to managing vendor risks.

Features Include:

  • Collect information & documentation from vendors during the vendor on-boarding process.
  • Create unlimited campaigns to automate assessments for large amounts of vendors at a time.
  • Create unlimited risk assessment templates using the following methods:
    • Questions and Answers
    • Risk Matrix
  • Configure risk levels & scoring thresholds to align to your current risk management methodology.
  • Email vendors with a link to their own “guest page” to enter or upload the information for each diligence item/assessment and submit their responses directly on VendorRisk.
  • Automate scheduling of reviews by entering a “next review date” and the review frequency.
  • Track progress of each review e.g. based on the number of items marked as completed, a completion percentage between 0 and 100% displayed is for the review.
  • Review committees can approve/reject a submitted review.
  • Facilitate vendor audits by collecting, centralising and organising assurance data and recording courses of remediation