https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30679#M6529 <P>Not seen anything free.</P><P>&nbsp;</P><P>Most of what I have seen have been questionnaires along the lines of ISO27001 controls, making sure that there are policies in place and the like.</P><P>&nbsp;</P><P>Many questionnaires will ask for third party reports, such as SOC 1 &amp; 2 reports (in the US), ISO27001 assessment or certification, HIPAA assessment (if healthcare), etc.</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 16 Dec 2019 17:09:28 GMT emb021 2019-12-16T17:09:28Z https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30664#M6526 <P>Hi,</P><P>&nbsp;</P><P>can anyone point me in the direction of a good source of vendor assessment templates?&nbsp; I need to create a set and I'm struggling with writers block.&nbsp; I'm looking for something that can get me started.&nbsp; This is for general security questions, not just GDPR.</P><P>&nbsp;</P><P>Thanks in advance,</P><P>&nbsp;</P><P>Mark Mair</P> Mon, 16 Dec 2019 08:53:40 GMT https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30664#M6526 Devanha 2019-12-16T08:53:40Z https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30674#M6528 <P>I would probably start with security policies, both on your side and on vendor side.&nbsp;</P><P>Perhaps the next thing is compliance,&nbsp; again on your side and on vendor side.</P> Mon, 16 Dec 2019 15:39:38 GMT https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30674#M6528 Chuxing 2019-12-16T15:39:38Z https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30679#M6529 <P>Not seen anything free.</P><P>&nbsp;</P><P>Most of what I have seen have been questionnaires along the lines of ISO27001 controls, making sure that there are policies in place and the like.</P><P>&nbsp;</P><P>Many questionnaires will ask for third party reports, such as SOC 1 &amp; 2 reports (in the US), ISO27001 assessment or certification, HIPAA assessment (if healthcare), etc.</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 16 Dec 2019 17:09:28 GMT https://community.isc2.org/t5/Member-Support/RFP-Security-Assessment/m-p/30679#M6529 emb021 2019-12-16T17:09:28Z