Use this free questionnaire template to encourage the design of your individual questionnaire evaluating a vendor’s degree of cyber menace resilience within the face of a world pandemic comparable in scope to the COVID-19 pandemic.
Learn the way Cybersecurity streamlines Vendor Danger Administration >
Observe: Cybersecurity presents a customizable pandemic questionnaire template that mechanically detects cyber dangers based mostly on questionnaire responses. For probably the most reliable and scalable Vendor Danger Administration program, it’s extremely really helpful to handle your vendor safety questionnaires on a VRM platform like Cybersecurity.
Study extra about Cybersecurity’s questionnaires >
Template for Evaluating Vendor Provide Chain Danger in a Pandemic Context
Every dot level merchandise signifies the design of every enter choice. Sure, No and Not Certain needs to be checkboxes, adopted by a free textual content discipline for when additional clarification is accessible.
Query 1: Do you’ve got a enterprise continuity plan in place?YesNoNot SureFree Textual content FieldQuestion 2: Have all the essential capabilities of what you are promoting been recognized?YesNoNot SureFree Textual content FieldQuestion 3: Have all key personnel chargeable for guaranteeing enterprise continuity been recognized?YesNoNot SureFree Textual content FieldQuestion 4: Do all key personnel have clearly outlined roles for guaranteeing continuity within the occasion of a enterprise disruption?YesNoNot SureFree Textual content FieldQuestion 5: Do you’ve got any disaster administration groups in place?YesNoNot SureFree Textual content FieldQuestion 5a: When you answered Sure, are they conscious of their obligations?YesNoNot SureFree Textual content FieldQuestion 6: How usually are disaster situations simulated?Query 7: Was what you are promoting impacted by the COVID-19 Pandemic?YesNoNot SureFree Textual content FieldQuestion 7a: When you answered Sure, clarify the diploma of influence.Query 7b: When you answered Sure, clarify how your continuity plans have been adjusted to raised deal with future comparable occasions.Query 8: Do you’ve got a pandemic plan?YesNoNot SureFree Textual content FieldQuestion 8a: When you answered Sure, has this plan ever been examined?YesNoNot SureFree Textual content FieldQuestion 8a(i): When you answered Sure, what was the utmost downtime you skilled throughout these exams?Query 8a(ii): When you answered Sure, what was the utmost diploma of delicate information influence skilled throughout these exams?Query 9: Are you conscious of which of your services and products could be impacted by a possible pandemic?YesNoNot SureFree Textual content FieldQuestion 9(i): Would any of those disruptions influence your SLAs?YesNoNot SureFree Textual content FieldQuestion 10: Are you conscious of which of your distributors could be most impacted by a pandemic?YesNoNot SureFree Textual content FieldQuestion 11: Are you conscious of which of your distributors are most probably to undergo a safety incident throughout a pandemic?YesNoNot SureFree Textual content FieldQuestion 12: Do you’ve got a real-time monitoring resolution for monitoring cyber dangers in your provide chain?YesNoNot SureFree Textual content FieldQuestion 13: Do you’ve got response plans in place for when distributors in your provide chain undergo an information breach?YesNoNot SureFree Textual content FieldQuestion 13a: When you answered Sure, has this response plan been examined in a simulated incident?YesNoNot SureFree Textual content FieldQuestion 14: Had been any of your present or earlier service suppliers impacted by the Coronavirus pandemic?YesNoNot SureFree Textual content FieldQuestion 15: Are you conscious of which rules is perhaps violated if a vendor suffers an information breach?
For instance, GDPR, PCI DSS, HIPAA, and so on.
YesNoNot SureFree Textual content FieldQuestion 16: Do you’ve got a Third-Get together Danger Administration program in place?YesNoNot SureFree Textual content FieldQuestion 16a: When you answered Sure, is that this program supported by a instrument streamlining the whole TPRM workflow?
With options supporting safe onboarding, vendor threat evaluation, regulation compliance (particularly for closely regulated industries like healthcare), dashboards monitoring provide chain safety postures, and so on.
YesNoNot SureFree Textual content FieldQuestion 17: Do you handle any facet of your safety questionnaire course of in Excel spreadsheets?YesNoNot SureFree Textual content FieldQuestion 18: Have you ever labored with stakeholders to develop a plan for responding to enterprise disruptions throughout a pandemic?YesNoNot SureFree Textual content FieldQuestion 19: Have your staff been skilled to correctly reply to a pandemic?YesNoNot SureFree Textual content FieldQuestion 20: Are your staff conscious of the elevated threat of social engineering and phishing assaults throughout a pandemic?
Throughout a number of mediums, together with SMS, social media, and social apps.
Query 20a: When you answered Sure, have your staff been outfitted to mitigate these dangers via menace consciousness coaching?
WIth both in-person or digital coaching occasions (akin to webinars and coaching movies).
YesNoNot SureFree Textual content FieldQuestion 20a(i): When you answered Sure, have these coaching occasions been accompanied with simulated phishing assaults to check their influence?YesNoNot SureFree Textual content FieldQuestion 21: Can your group function in a distant workforce mannequin?YesNoNot SureFree Textual content FieldQuestion 21a: When you answered Sure, have all software program and app integrations facilitating distant community connections been pen-tested?YesNoNot SureFree Textual content FieldQuestion 22: Do you employ any survey software program or survey templates for monitoring the safety threat of distributors in your provide chain?YesNoNot SureFree Textual content FieldQuestion 23: Do you’ve got a Privileged Entry Administration system in place for limiting delicate useful resource entry in a distant workforce context?YesNoNot SureFree Textual content FieldQuestion 24: Have you ever carried out a community segregation technique for obfuscating delicate useful resource entry?
To take care of cyber threats prone to improve in ferocity throughout a pandemic, akin to ransomware assaults.
YesNoNot SureFree Textual content FieldQuestion 25: Do you’ve got any extra feedback in relation to your degree of pandemic preparedness?
Able to see Cybersecurity in motion?
Prepared to avoid wasting time and streamline your belief administration course of?
