Vendor Risk Assessment
IT IT Ops Executive
The prompt
Develop vendor risk assessment framework: categorization, questionnaire, risk scoring, verification, governance.
Why this works
Tiered assessments focus effort on highest-risk vendors. Documented requirements prevent shadow IT.
Risks & review
Assessments are time-consuming. Vendors may not be transparent about security.