Template

Supplier Due Diligence Attestation

by Julie Zhu, from the Community

10+

Use this supplier due diligence and attestation checklist to evaluate third party vendors against key risk areas. Sections cover annual information security reviews and testing such as SOC 2, ISO 27001 and penetration tests, business impact assessments, business continuity and disaster recovery, IT service continuity, privacy and data protection, data residency locations, outsourcing disclosures, fraud and corruption, and modern slavery. Capture details, designate a privacy officer, and confirm compliance across the past 12 months.

With SafetyCulture you can

Digitize any process, procedure or policy

Eliminate mistakes made by paper-based processes

Create and share professional reports instantly

Confirm accountability and compliance with a digital log

With SafetyCulture you can

Digitize any process, procedure or policy

Eliminate mistakes made by paper-based processes

Create and share professional reports instantly

Confirm accountability and compliance with a digital log

About author

Community

This community page makes available free workplace checklists and templates created by other users within the SafetyCulture community. SafetyCulture has re-published this content and where possible, has credited the original author. SafetyCulture has not verified the accuracy, reliability or suitability of any community content. You agree that your use of any of this content is in accordance with SafetyCulture’s Terms and Conditions.

Template
Facility Quality Index Audit Checklist
Use this supplier due diligence and attestation checklist to evaluate third party vendors against key risk areas. Sections cover annual information security reviews and testing such as SOC 2, ISO 27001 and penetration tests, business impact assessments, business continuity and disaster recovery, IT service continuity, privacy and data protection, data residency locations, outsourcing disclosures, fraud and corruption, and modern slavery. Capture details, designate a privacy officer, and confirm compliance across the past 12 months.
by Julie Zhu, from the Community
Downloads: 0
Get
Template
Supplier Due Diligence Attestation Checklist
Use this supplier due diligence and attestation checklist to evaluate third party vendors on information security, privacy, business continuity and disaster recovery, outsourcing practices, fraud and corruption controls, and modern slavery risk. Capture annual evidence such as security frameworks, penetration testing or certifications, BCP testing, business impact assessments, disaster recovery results, and data protection policies. Confirm control reviews, incident reporting, legislative compliance, and designate accountable roles like privacy officer to ensure resilient and compliant supplier relationships.
by Julie Zhu, from the Community
Downloads: 10+
Get
Template
Supplier Due Diligence Checklist
Evaluate new and existing suppliers with a comprehensive due diligence checklist covering business information, legal structure, registrations, regulatory compliance, contracts and agreements, intellectual property, operations and technology, data security, insurance coverage, supply chain risks, environmental and social responsibility, cybersecurity, subcontractor oversight, and health and safety. Capture findings, attach evidence, note issues, and verify business continuity and disaster recovery plans to standardize vendor assessments and reduce risk.
by Shona Calder, from the Community
Downloads: 10+
Get
Template
Suppliers Due Diligence - Claims
This supplier due diligence checklist focuses on insurance claims and regulatory compliance for Australian financial services. It helps assess documented claims processes aligned to the General Insurance Code of Practice, quality assurance, and fraud and anti-money laundering controls. It includes checks for vulnerable customer handling, complaints and IDR reporting to ASIC, and outsourcing governance. The template verifies AFS Licence status and obligations, conflicts of interest, and records management. It reviews information security frameworks, control testing, cyber incident notification to the Australian Cyber Security Centre, user access reviews, and segregation of duties. Business resilience sections cover BIA, BCP, IT service continuity, and disaster recovery. Additional sections address staff training and competence, incident management and AFCA notices, privacy governance and designated officer, and modern slavery risk management.
by Julie Zhu, from the Community
Downloads: 10+
Get

Supplier Due Diligence Attestation

About author

You might also like

Facility Quality Index Audit Checklist

Supplier Due Diligence Attestation Checklist

Supplier Due Diligence Checklist

Suppliers Due Diligence - Claims

You might also like

Facility Quality Index Audit Checklist

Supplier Due Diligence Attestation Checklist

Supplier Due Diligence Checklist

Suppliers Due Diligence - Claims