TPRM Helper

Basic Information

Vendor Name *

Vendor Website

Risk Assessment

Risk Classification * (Will auto-adjust based on data and users)

Number of Users * (1000+ users may escalate to Critical)

This vendor will handle sensitive data

Check if vendor will access: PII, financial data, PHI, SSNs, payment info, or proprietary business data

Use Case Details

Intended Use Case * (Be specific about data types and business functions)

Examples of detailed descriptions:
• "CRM for storing customer contact info, sales pipeline, and communication history"
• "File storage for marketing materials and internal documents (no customer data)"
• "Payroll processing including employee SSNs, bank accounts, and salary information"

Security Documentation (Optional)

Improve Your Assessment:

Uploading security documentation can significantly improve assessment accuracy and may lead to approval for vendors that would otherwise be rejected.

Upload any available security reports and certifications:

Drag and drop files here, or click to select

Most Valuable Documents:

• SOC 2 Type 2 Reports

• ISO 27001 Certificates

• Penetration Test Results

• Security Scorecards

• Compliance Attestations

• Risk Assessments

Vendor Assessment Request

Basic Information

Risk Assessment

Risk Classification Guide

Use Case Details

Security Documentation (Optional)

Assessment in Progress