IT Vendor Assessment
An IT Vendor Assessment is the evaluation of risk associated with using 3rd party products and services. This assessment is required when procuring Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). In these situations, Vanderbilt is subscribing to a 3rd party’s services where the vendor is responsible for security of Vanderbilt information and/or performing a business operation on our behalf. This service is a review of the vendor’s reputation, reliability, and security posture for ensuring business continuity and protection of information in their care.
An IT Vendor Assessment should be conducted prior to the procurement of the SaaS, IaaS, or PaaS. It is available to all university faculty and staff.
Service Charges or Fees
There are currently no service charges or fees for this service.
Contact your Relationship Manager.
What You Can Request
Vendor Risk Assessment
Data Use Agreements (DUA)
Multi-factor Authentication (MFA)
Privileged Account Management (PAM)
Threat Monitoring, Detection, and Response (TMDR)
IT Security Policy Development and Lifecycle
Vulnerability and Systems Posture Assessment (VASPA)
IT Compliance Assessment
IT General Risk Assessment
IT Security Awareness and Training
IT Security Consulting
Consulting and Advising
IT Professional Services