Vendor Security Checklist
IT IT Ops Executive
The prompt
Create a security checklist for evaluating third-party vendors.
Our context: {{industry_regulatory_requirements}}
Data the vendor would access: {{pii_payment_employee_source_code}}
Level of access: {{api_only_saas_direct_system_access}}
Please create a questionnaire covering:
1. Certifications (SOC 2, ISO 27001, pen testing)
2. Data handling (storage, encryption, deletion)
3. Access controls (who at vendor can access our data)
4. Incident response (what if they're breached)
5. Business continuity
6. Contractual requirements (DPA, liability)
Format as a questionnaire the vendor fills in.