Vendor Due Diligence Checklist
What is Vendor Due Diligence?
You can outsource a process, but you can never outsource the risk. Many of the scandals dominating the news today stem from failures in supplier and vendor due diligence: a breakdown in the supply chain, contaminated ingredients, unpatched software. The truth is, these scandals are entirely preventable with proper vendor oversight.
Vendor due diligence is always important, but it’s critical when a vendor services a core business process or accesses confidential, sensitive information. Vendor due diligence must be comprehensive and efficient. Often, this can mean countless hours spent on paperwork and spreadsheet management. Consistently evaluating your third parties is vital for effective vendor risk management.
You should evaluate all third parties on a regular basis, benchmarking them against specific criteria for things like the conditions of plants/facilities, worker training, cybersecurity practices, and business continuity processes. It's standard procedure to maintain robust, sustainable evaluations for prospective vendors. Many organizations, however, fall short by failing to evaluate existing vendors on a regular basis. Producing a periodic supplier due diligence report for each vendor allows you to confirm that all third parties are adapting appropriately to the changing risk environment.
LogicManager’s Vendor Due Diligence Questionnaire and Checklist
With LogicManager’s vendor due diligence questionnaire and checklist, organizations can streamline the entire supplier due diligence process. Assign responsibility for subsets of the vendor review, collect key information, documents, and sign-offs from across departments, and report all changes, updates, and reviews for each vendor. LogicManager’s vendor outreach tool allows external providers to log into a more limited version of your LogicManager GRC portal, so their information is imported directly into your vendor repository.
The vendor management due diligence questionnaire includes all core topics:
Get this solution.
If you’re already a LogicManager customer, you can contact your advisory analyst to activate this plugin! If you’re new to LogicManager, you can request a personalized demo to see how our vendor due diligence checklist and questionnaires can help you.