This message was posted by a user wishing to remain anonymous
We use a questionnaire with close to 100 for our security risk assessments. Its quite an exhaustive list for our smaller vendors. Some of our critical vendors are 5 men shops and don't have the resources to apply towards a security program. I'm curious to know how others are tackling this issue. Curious does anyone have something that they use fro their smaller vendors that they can share?