Vendor Security Checklist Prompt

Create a security checklist for evaluating third-party vendors.

Our context: [industry, regulatory requirements]
Data the vendor would access: [PII / payment / employee / source code]
Level of access: [API only / SaaS / direct system access]

Please create a questionnaire covering:
1. Certifications (SOC 2, ISO 27001, pen testing)
2. Data handling (storage, encryption, deletion)
3. Access controls (who at vendor can access our data)
4. Incident response (what if they're breached)
5. Business continuity
6. Contractual requirements (DPA, liability)

Format as a questionnaire the vendor fills in.