Vendor Due Diligence
We simplify vendor due diligence by collecting, evaluating and summarizing vendor documents and creating concise but informative reports. These reports provide relevant information that can quickly be evaluated and presented to your Board of Directors. Our summaries deliver the information needed to manage critical vendor relationships without the burden of document collection and review.
What We Review
- Audited financial statements
- Security audit reports (i.e. SSAE 18, SOC1, SOC2, etc.)
- Business continuity planning documentation
- Disaster recovery testing results and documentation
- Identity theft program
- Insurance coverage
- Regulatory exam and management responses
- Incident response and DDoS plans
*The list above highlights the most common documents and is not a comprehensive listing of all documentation reviewed.
What We Provide
- Online access to your vendor documentation for 12 months
- Detailed Vendor Reports
- Executive/Board Summary