Summary
The questionnaire provides Pitt IT Information Security with the information to understand the product or services that the vendor will provide to the University. It also defines the assessment scope, identifies the University’s potential risk, and collects the vendor’s contact information.
Body
Overview
Per the Vendor Security Risk Assessment Operating Standard, any unit that wishes to engage with a vendor must complete the onboarding questionnaire linked below. Please initiate the risk assessment early to avoid delaying engagement with the vendor. The questionnaire can be previewed here but needs submitted through the Request an Assessment link below.
The questionnaire provides Pitt IT Information Security with the information to understand the product or services that the vendor will provide to the University. It also defines the assessment scope, identifies the University’s potential risk, and collects the vendor’s contact information.
For additional guidance regarding when a Vendor Risk Assessment is required, please review the Submitting a Vendor Review Overview presentation.
Related Policies and Additional Information
Pitt IT Security
University Policies Relating to Data Security