Use this annual review checklist to evaluate third-party service providers across security and continuity criteria. Capture business details and services, review information security frameworks and external attestations such as SOC 2 or ISO 27001, confirm penetration testing results, and verify user access reviews. Request evidence of BCP and DR testing with scope, success criteria, and outcomes, and review the latest business impact assessment for critical processes and systems. Document findings and follow-up actions to maintain compliance and resilient vendor relationships.
With SafetyCulture you can
With SafetyCulture you can
About author
This community page makes available free workplace checklists and templates created by other users within the SafetyCulture community. SafetyCulture has re-published this content and where possible, has credited the original author. SafetyCulture has not verified the accuracy, reliability or suitability of any community content. You agree that your use of any of this content is in accordance with SafetyCulture’s Terms and Conditions.