Vendor Due Diligence Checklist
What is Vendor Due Diligence?
You can outsource a process, but you can never outsource the risk. Many of the scandals dominating the news today stem from failures in supplier and vendor due diligence: a breakdown in the supply chain, contaminated ingredients, unpatched software. The truth is, these scandals are entirely preventable with proper vendor oversight.
Vendor due diligence is always important, but it’s critical when a vendor services a core business process or accesses confidential, sensitive information. Vendor due diligence must be comprehensive and efficient. Often, this can mean countless hours spent on paperwork and spreadsheet management. Consistently evaluating your third parties is vital for effective vendor risk management.
You should evaluate all third parties on a regular basis, benchmarking them against specific criteria for things like the conditions of plants/facilities, worker training, cybersecurity practices, and business continuity processes. It’s standard procedure to maintain robust, sustainable evaluations for prospective vendors. Many organizations, however, fall short by failing to evaluate existing vendors on a regular basis. Producing a periodic supplier due diligence report for each vendor allows you to confirm that all third parties are adapting appropriately with the changing risk environment.
LogicManager’s Vendor Due Diligence Questionnaire and Checklist
With LogicManager’s vendor due diligence questionnaire and checklist, organizations can streamline the entire supplier due diligence process. Assign responsibility for subsets of the vendor review, collect key information, documents, and sign-offs from across departments, and report all changes, updates, and reviews for each vendor. LogicManager’s vendor outreach tool allows external providers to log into a more limited version of your LogicManager GRC portal, so their information is imported directly into your vendor repository.
The vendor management due diligence questionnaire includes all core topics:
Get this solution.
If you’re already a LogicManager customer, you can contact your advisory analyst to activate this plugin! If you’re new to LogicManager, you can request a personalized demo to see how our vendor due diligence checklist and questionnaires can help you.
- SOC 2 Compliance ChecklistLogicManager Analyst Team2019-07-18T16:33:11-04:00
- Customer Complaint Management SoftwareLogicManager Analyst Team2019-04-02T12:53:09-04:00
- Mobile Banking Risk Assessment: Electronic Banking Examination ChecklistLogicManager Analyst Team2019-03-05T16:28:10-05:00
- EU NIS Directive ComplianceLogicManager Analyst Team2019-07-18T16:29:15-04:00
- NIST Cybersecurity FrameworkLogicManager Analyst Team2019-07-18T16:26:39-04:00
- NIST RMF 2.0 Update (SP 800-37 Risk Management Framework Revision 2)LogicManager Analyst Team2019-06-18T08:59:37-04:00
- Conflict Minerals ManagementBernie Lapierre2018-09-04T14:19:36-04:00
- Meaningful Use Specifications for EMR TransitionsLogicManager Analyst Team2018-08-10T11:03:35-04:00
- Business Impact Analysis TemplateLogicManager Analyst Team2019-01-07T14:13:42-05:00
- Supply Chain ManagementBernie Lapierre2019-02-26T11:33:19-05:00