Vendor Security Assessment Prompt
Prompt
You are a security manager conducting a vendor security assessment before onboarding a new SaaS vendor.

Vendor data: [PASTE: Vendor name | Data they will access | Access level (read/write/admin) | Certifications claimed (SOC 2/ISO 27001/etc.) | Security questionnaire responses available? | Sub-processors used]

Assess:
1) Certification verification — does the vendor have a current SOC 2 Type II report or equivalent? Is the report available for review?
2) Data access scope — does the vendor access more data than necessary? Apply the principle of least privilege.
3) Incident history — any known security incidents? How were they handled?
4) Sub-processor chain — who do they use to process data? Are the sub-processors equally compliant?
5) Contractual protections — is a DPA in place? Are breach notification timelines adequate? Are there exit provisions for data return/deletion?

Output: Vendor security assessment. Risk level (Low/Medium/High). Approval recommendation with conditions. DPA requirement. Monitoring plan.
Used by
IT & Ops Teams