Identify potential vulnerabilities in your vendors and business partners with this third-party vendor risk checklist. Created by security experts, it contains 48 essential checks for identifying security threats that could lead to data breaches or cyberattacks.
Use this vendor risk assessment checklist to bring a uniform approach to your risk assessments and strengthen your ability to identify risks.
What this checklist contains
This third party risk checklist is made up of four core sections, allowing you to focus your assessment on the areas most relevant to you and your vendors.
- Information security and privacy. Assess how vendors handle your sensitive data, including personal identifiable information (PII) and protected health information (PHI).
- Physical and data center security. Evaluate the physical security of office locations and data centers, including business continuity plans.
- Web application security. Review security features in web applications such as SSL certificates, password management, and vulnerability scanning.
- Infrastructure security. Assess network security, data backups, and protection against malware and ransomware.
