Vendor Risk Assessments
Ensure outside vendors that work with UC Santa Cruz follow security best practices when they provide products or services, use sensitive data, or access UC systems.
Get started
Features
- Aligns everyone on security practices including your vendor, department leadership, and your Unit Information Security Lead
- Helpful guidance with security questions, and understanding why security measures are important
- Assessments can be used on new or existing services
- Assessments should be completed for all new supplier requisitions, renewals (if longer than 3 years since the last assessment,) or contract re-negotiations
- Assessments are only for vendors handling Protection Level 3 (P3) to Protection Level 4 (P4) data
Support
Learn more about Security Policy and Compliance in the ITS Knowledge Base
Cost
Vendor Risk Assessments are provided at no cost
Policy
IT Support
Search the knowledge base, browse IT guides, and open a support request.