🧩 Vendor Security Questionnaire
A supplier due diligence questionnaire modeled after FedRAMP SA‑9, NIST SP 800‑53 SR Controls, and DoD vendor vetting practices.
| File | Description |
|---|---|
| vendor_security_questionnaire.md | 10‑question supplier assessment with evidence prompts. |
| scorecard.csv | Example scoring rubric for supplier maturity assessment. |
| README.md | Summary and usage instructions. |
Key Controls Referenced: SA‑9, SR‑2, SR‑3, SR‑6
Purpose: Evaluate external service provider security practices before integration into federal environments.
🔙 Return to Home