Third Party Thursday

FEBRUARY 11, 2021

The Differences Between a Vendor Questionnaire and Assessment

Podcast: Play in a new window | Download

It’s a common misconception that a vendor questionnaire and vendor assessment are the same thing – but they actually have key differences that are important to understand. Listen to this 90-second podcast to hear more about the differences between questionnaires and assessments and why your organization needs both.

Available on
Listen-on-Apple-Podcasts-badge.jpg  google-play-badge 2.jpg


Podcast Transcript

Hi – my name is Josh with Venminder. joshua-cooper-headshot-CIRCLE

In this 90-second podcast, we’re going talk about how vendor questionnaires and vendor assessments differ.

At Venminder, we have a team of certified industry experts who specialize in developing comprehensive risk questionnaires as well as assessing risk for organizations of all sizes and all industries.

Often, “questionnaire” and “assessment” are used interchangeably; however, when it comes to third-party risk management, they are not one in the same.

You may be wondering why. Here’s the main difference:

A vendor questionnaire is a series of questions used to help with evaluating or assessing overall risk. Questionnaires are a central part of due diligence and ongoing monitoring. Your questionnaires will inform your risk assessments.

A vendor assessment is taking the information from the questionnaire, analyzing your vendor’s responses and calculating the overall risk the vendor, product or service brings to your organization.

This is because to properly assess those risks, vendors must fill out the questionnaire to answer critical questions such as:

  1. What due diligence is performed on your contractors?
  2. Is there a formal business continuity and disaster recovery plan in place?
  3. Do you have an active pandemic plan?
  4. Describe your information security program?
  5. How is retired digital media disposed of?
  6. Are employees and contractors required to attend security training?

So, there you have it: in a nutshell, a questionnaire is a component of an overall risk assessment for each vendor. Simply filling out a questionnaire does not suffice.

Thanks for tuning in; catch you next time!


Subscribe to our Third Party Thursday Newsletter


Join hundreds of clients and see how Venminder can help.