Vendor and Third-Party Due Diligence Questionnaire
Vendor due diligence is always important, but it’s critical when a vendor services a core business process or accesses confidential, sensitive information. Vendor due diligence must be comprehensive and efficient. Often, this can mean countless hours spent on paperwork and spreadsheet management. Consistently evaluating your third parties is vital for effective vendor risk management.
You should evaluate all third parties on a regular basis, benchmarking them against specific criteria for things like the conditions of plants/facilities, worker training, cybersecurity practices, and business continuity processes. It’s standard procedure to maintain robust, sustainable evaluations for prospective vendors. Many organizations, however, fall short by failing to evaluate existing vendors on a regular basis. Producing a periodic due diligence report for each vendor allows you to confirm that all third parties are adapting appropriately with the changing risk environment.
The LogicManager Platform Provides:
With LogicManager’s vendor and third-party due diligence questionnaire, organizations can streamline the entire due diligence process. Assign responsibility for subsets of the vendor review, collect key information, documents, and sign-offs from across departments, and report all changes, updates, and reviews for each vendor. LogicManager’s vendor outreach tool allows external providers to log into a more limited version of your LogicManager GRC portal, so their information is imported directly into your vendor repository.
- General information
- Financial review and solvency
- Services and deliverables
- Insurance certificates (RMIS)
- Legal and regulatory compliance
- Information security technical review
- Business continuity and disaster recovery
- Contract review and vetting