Supplier Security Assessment
Send a standardized vendor questionnaire and get a risk summary you can keep as evidence for ISO 27001 / SOC 2 supplier management.
This tool provides an initial vendor risk screening based on questionnaire responses. It is not a certification, and not an audit opinion.
Create a supplier questionnaire link
You share the link with your vendor. They answer. You get a summary.
Purpose
Supplier name (optional)
Your email (optional)
Share this link with your supplier
Tip: you can paste this into procurement tickets or vendor onboarding workflows.
What suppliers will be asked
Short and practical. Focused on real risk.
- Access control and joiner/mover/leaver process
- Security incident response and notification timelines
- Backups, restore testing, and resilience measures
- Data handling, encryption, and retention
- Subprocessors and security requirements in contracts
- Evidence availability (policies, reports, certifications)
Output you get
Risk score, red flags, and suggested follow-up actions.
Need a deeper vendor assessment, contract clauses, or an ISMS supplier process? Baltum can help.