This Vendor Assessment Survey is designed to evaluate your organization’s controls across key areas of cybersecurity, privacy, compliance, and operational risk, using a structured question set modeled after industry-standard frameworks such as SIG.

The survey has been segmented into focused sections (e.g., Subcontractor Control, Organizational Security, Information Security, Access Control, Business Continuity, Cloud Services, Mobile Devices, VPN Configuration) so that the appropriate subject-matter experts in your organization can complete only the portions relevant to their role.

Please answer every question in each assigned section accurately and completely, using the “Additional Information” fields to clarify your responses, explain any “No” or “N/A” answers, and reference supporting policies or documentation where appropriate.

Because this assessment covers your environment in depth, it may require coordination between IT, security, compliance, HR, and operations, and in many cases can take up to one week to complete thoroughly. Your responses will be used to assess vendor risk, document due diligence, and, where needed, define remediation or improvement plans.