Tool · Template

The 30-question vendor risk short-form.

Most vendor questionnaires are 200 questions and assess nothing. This is the 30-question short-form we'd actually use to triage a new third party. Editable; bring your own scoring.

Get the questionnaire

What's inside

The table of contents

30 questions across security, privacy, operational risk
Risk-tier guidance (when to send full SIG vs. short form)
Scoring rubric starter
Editable Word + Notion-friendly formats

Vendor Risk Management

When you need a full program.

Vendor Security Reviews

When you're on the receiving end.

The 30-question vendor risk short-form.

The table of contents

You may also want

Vendor Risk Management

Vendor Security Reviews