Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

What is a vendor assessment?

Vendor assessment describes an organization’s program of assessing its vendors’ management of that organization’s information, and whether vendors are implementing and maintaining appropriate security controls. A vendor assessment program will establish guidelines to ensure that an organization’s vendors comply with that organization’s required information security policies and procedures. Vendor assessment is one part of an organization’s larger program of maintaining the safety of its internal and customer data and information. Organizations will seek a security review of active and potential vendors, and vendors must demonstrate that they have practices in place to securely manage data.


Implementing a vendor assessment program is a way for an organization to ensure that its varied vendors are consistently compliant with required security policies and procedures.
