| Vendor Name | |
|---|---|
| Service/Product Provided | |
| Business Owner | |
| Date Reviewed |
| Risk Area | Description | Evaluation | Risk Level | Notes/Comments |
|---|---|---|---|---|
| Data Security | ||||
| Compliance (e.g. GDPR, SOC2) | ||||
| Data Location & Residency | ||||
| Business Continuity | ||||
| Vendor Financial Stability | ||||
| Incident Response | ||||
| Access Controls | ||||
| Subprocessors | ||||
| Contractual Terms | ||||
| Other |
| Overall Risk Assessment | |
|---|---|
| Recommended Actions | |
| Reviewer Name | |
| Approval |