Third-Party Risk

Vendor Risk Assessment Questionnaire

68 structured security questions across 9 domains - with Yes/No/NA + evidence columns, subcontractor (4th-party) risk section, and a Low/Medium/High risk scoring rubric.

Buy Now - $47 Browse All Templates
Instant download
Editable .docx
30-day money-back guarantee
Written by CISSP & CCSP
What You Get

What's Inside

Everything is included - no hidden extras, no consulting required.

Ideal For

Who This Is For

Whether you're building from scratch or formalizing what's already in place.

Procurement & Vendor Teams
Evaluating new vendor security posture before contract execution with a structured, repeatable process
CISOs & Risk Officers
Running a formal third-party risk program with documented, auditable vendor assessments
MSPs & IT Consultants
Helping clients assess and onboard vendors with a professional questionnaire
Ready to Get Compliant?
$47
One-time purchase · Instant download · Editable .docx
Get the Template - $47
30-day money-back guarantee. If it doesn't work for you, get a full refund - no questions asked.
Common Questions

Frequently Asked Questions

Everything you need to know before you buy.

How many questions are included?
68 questions organized across 9 security domains, from governance and access control to business continuity and compliance.
Does this cover 4th-party (subcontractor) risk?
Yes. There is a dedicated section for subcontractor risk, asking vendors how they manage the security of their own supply chain.
Can I customize the questions?
Yes. The questionnaire is an editable .docx file - add, remove, or modify questions to match your organization's requirements.
What frameworks does this map to?
Questions reference common standards including SOC 2, ISO 27001, NIST CSF, and CIS Controls. It is designed to be framework-agnostic and applicable to any vendor relationship.
How does the risk scoring work?
Each domain gets a Low/Medium/High rating based on responses. The rubric aggregates domain scores into an overall vendor risk rating to guide your follow-up due diligence.
Stop Starting From a Blank Page

Vendor Risk Assessment Questionnaire

Download today and have compliant documentation in minutes, not months.

Get the Template - $47
🔒

Get the Free CMMC Level 2 Practice Checklist

All 110 NIST SP 800-171 practices organized by domain - formatted for assessment prep. Free PDF, instant access.