Question Bank
Manage assessment questions by domain and category
| ID | Question Text | Domain | Category | Type | Risk Weight | Status | Actions |
|---|---|---|---|---|---|---|---|
| 216 | Do you have a vendor risk management program? Process for assessing third-party vendors |
IT Assets & Investments | Vendor Risk Management | YesNo | 2.0 | Active | |
| 217 | Do you conduct security assessments of vendors before engagement? Due diligence before contracting |
IT Assets & Investments | Vendor Risk Management | YesNo | 2.0 | Active | |
| 218 | How frequently do you review vendor security posture? | IT Assets & Investments | Vendor Risk Management | MultipleChoice | 1.5 | Active | |
| 219 | Do you have a vendor inventory with criticality ratings? List of all vendors and their importance |
IT Assets & Investments | Vendor Risk Management | YesNo | 1.5 | Active | |
| 220 | Do you require vendors to have cyber insurance? | IT Assets & Investments | Vendor Risk Management | YesNo | 1.0 | Active | |
| 221 | Do you review vendor SOC 2 reports or other security certifications? | IT Assets & Investments | Vendor Risk Management | YesNo | 1.5 | Active |
Showing 6 of 242 questions
242 Active
0 Inactive