What you'll see after submitting

A TPRM readiness diagnostic across vendor governance, audit, and risk controls.

01 Vendor governance maturity

Single rating across the whole programme: Emerging, Mature, or Best-in-class.

Emerging
Mature
Best-in-class
02 Six-dimension scorecard

Where vendor governance is strong vs structurally exposed.

ContractualStrong
Audit CadenceMid
DocumentationStrong
SLA DisciplineMid
Escalation PathExposed
03 Audit-defensibility next steps

What to address before the next vendor audit cycle.

Document escalation paths before next external vendor audit.
Escalation matrix Audit log review SLA refresh

TPRM Assessment

This is a structured vendor evaluation designed for TPRM, audit, and compliance teams. We share it with people who are actively assessing BGV providers.

Quality filter, not a paywall. We want serious conversations, not spam.
Your email starts a conversation, not a mailing list.
Please use your corporate email. We require this to ensure our tools reach the right audience, not to gatekeep.

No spam. No mailing list. We may follow up once if the output suggests a conversation worth having. Privacy policy.

AUDIT-READY COMPLIANCE FOCUSED OPERATOR-GRADE DATA
tprm · shareable assessment

Give your TPRM team a structured way to evaluate BGV vendors

Forward this page to your compliance or audit lead. It scores vendor third-party risk posture across 8 domains, from data processing roles and sub-processor management through to incident response and cross-border transfers, on a 0 to 3 maturity scale mapped to GDPR Article 28, ISO 27001:2022 Annex A, SOC 2 Trust Services Criteria, and India's DPDP Act 2023.

8 domains · 24 questions 10 minutes to complete Answers saved locally · no data submitted

How to use this assessment

If you are the TPRM or compliance lead, work through the 24 questions below using vendor documentation, DPA drafts, security questionnaire responses, and proposal material. If you received this link from a colleague managing the BGV evaluation, this is the structured input they need from your domain. Your answers generate a live maturity radar on the right and a prioritised gap list once enough domains are scored.

0 · Not in place
1 · Ad-hoc
2 · Defined
3 · Optimised
Assessment progress
0 / 24
Next step

Next: read the compliance brief, then share with your evaluator