Risk Tier Assessment Quiz
Q1. Company Presence
Select an option
Global (offices all over the world)
International (offices/products in many countries)
Regional (North America)
Local (One Single Country)
Q2. Cybersecurity Function
Select an option
Segregated GRC functions with Risk and Sec Ops separated
Dedicated and segregated GRC function
Dedicated IT team
No IT team
Q3. External Certifications
Select an option
SOC 2 Type II + ISO + CSA + GDPR, etc.
SOC 2 Type II Only
No SOC 2 Type II but Pentest
None
Q4. GDPR Certifications
Select an option
Yes
In Process
No
Q5. Number of employees
Select an option
1001<
251-1000
51-250
<50
Q6. Is the company public or private?
Select an option
Public
Private – Large Stage
Private – Early Stage
Private – Bootstrapped
Q7. Penetration Tests
Select an option
Yes – multiple
Yes – Once
In Process
No
Q8. Business function:
Determine the importance of the service the vendor provides. Is it critical to your business core operations?
Select an option
Critical – Core Operations
Critical – Business Enabler
Moderate
Negligible
Q9. Dependency:
Evaluate how reliant your business processes are on the vendor’s services or products.
Select an option
Critical – Core Operations
Critical – Business Enabler
Moderate
Negligible
Q10. Availability:
Assess the impact of vendor downtime on your operations. What are the potential consequences of service interruptions?
Select an option
Severe
Moderate
Insignificant
Q11. Data Handling:
Identify the type and sensitivity of data the vendor processes or has access to. Does it include customer PII, financial data, or intellectual property?
Select an option
Restricted
Confidential
Internal
Public
Q12. Compliance Requirements:
Consider regulatory requirements such as GDPR, HIPAA, SOC 2, etc., that the vendor helps your organization to comply with due to the nature of data they handle or services they provide.
Select an option
Global Compliance
Regional Compliance
National Compliance
Local Compliance
None
Q13. Innovation:
Evaluate how the vendor’s solutions align with your business strategy and future technology roadmap.
Select an option
Aligned – Present and Future
Aligned – Present Only
Undecipherable
Misaligned – Future Only
Misaligned
Q14. Partnership Potential:
Consider the potential for a strategic partnership. Does the vendor invest in understanding and supporting your business goals?
Select an option
Strong Potential
Moderate Potential
Low Potential
No Potential
Q15. Security Measures:
Evaluate the vendor’s security policies, procedures, and controls. Do they align with industry standards and best practices?
Select an option
Yes
No
Q16. Incident History:
Review any past security incidents involving the vendor. How were they handled, and what was the impact?
Select an option
No Incidents
Handled Well
Handled Poorly
Ongoing Issues
Q17. Financial Health:
Assess the vendor’s financial stability and longevity. Are they likely to remain in business for the foreseeable future?
Select an option
Very Stable
Stable
Unstable
Very Unstable
Q18. Contractual Obligations:
Examine the terms of service agreements, including Service Level Agreements (SLAs) and any exit strategies.
Select an option
Well Defined
Partially Defined
Poorly Defined
Not Defined
Q19. Track Record:
Evaluate the vendor’s history of performance and reliability. Are they known for consistent delivery and uptime?
Select an option
Highly Reliable
Reliable
Not Reliable
Q20. Scalability:
Determine if the vendor can scale their services as your business grows.
Select an option
Highly Reliable
Reliable
Not Reliable
Q21. Support Availability:
Assess the quality and availability of vendor support. Is it available 24/7? How responsive are they to issues?
Select an option
Unresponsive
Responsive
Q22. Customer Service:
Consider customer service reviews and feedback. How well does the vendor handle client relationships and issues?
Select an option
5-Star
4-Star
3-Star
2-Star
1-Star
Q23. Location:
Consider the vendor’s geographic location and any geopolitical risks. How might political instability, natural disasters, or other factors impact the vendor’s ability to deliver services?
Select an option
Severely
Moderate
Insignificant
Q24. Sub vendors:
Identify any subcontractors or third-party vendors the primary vendor relies on. Assess the risks associated with these relationships.
Select an option
Very High Risk
High Risk
Moderate Risk
Low Risk
Very Low Risk
Q25. TCO:
Evaluate the overall cost of engaging with the vendor, including any hidden costs and the return on investment.
Select an option
Very Expensive
Expensive
Moderate
Inexpensive