Skip to main content

IT Vendor Assessment

Service Description

An IT Vendor Assessment is the evaluation of risk associated with using 3rd  party products and services. This assessment is required when procuring Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). In these situations, Vanderbilt is subscribing to a 3rd  party’s services where the vendor is responsible for security of Vanderbilt information and/or performing a business operation on our behalf. This service is a review of the vendor’s reputation, reliability, and security posture for ensuring business continuity and protection of information in their care.

An IT Vendor Assessment should be conducted prior to the procurement of the SaaS, IaaS, or PaaS. It is available to all university faculty and staff.

Support Contacts

IT Security Risk & Compliance

Service Charges or Fees

There are currently no service charges or fees for this service. 

Requesting Service

Contact your Relationship Manager.

What You Can Request

Vendor Risk Assessment

Related Services

Data Use Agreements (DUA)
Multi-factor Authentication (MFA)
Privileged Account Management (PAM)
Threat Monitoring, Detection, and Response (TMDR)
IT Security Policy Development and Lifecycle
Vulnerability and Systems Posture Assessment (VASPA)
IT Compliance Assessment
IT General Risk Assessment
IT Security Awareness and Training
IT Security Consulting 


Consulting and Advising

Service Category

IT Professional Services