top of page
Secure Crest Logo.png

Vendor Security Risk Assessment

Helping you properly assess the information security posture of your vendors and suppliers.

header-shape-image-4 (1).png



We pride ourselves in helping our clients from across different industries, develop and improve their third-party risk management (TPRM) programs. In addition to this, we perform information security risk assessments on their highest-risk vendors and suppliers. We use industry-standard controls & program frameworks such as the NIST 800 series and the ISO 27001 to protect client data in third-party systems. 

Why us?

 Knowledgeable. Original. Efficient.

Get peace of mind and properly vet the security of your vendors. 


We understand the information security risks posed by vendors and suppliers. This is based on our experience of performing dozens of risk assessments on a monthly basis on behalf of our clients. 


Our consultants hold certification in the information security industry such as  CISSP,  CISA,  CISM and the Certified Third Party Risk Assessor (CTPRA). 

One stop shop

Whether it's building a third-party risk management program from scratch, evaluating an existing one, or needing help with vendor assessments, we have it all. 

Our Process

Simplified vendor security risk assessment that gets results



We gather all the necessary documents from the vendors including questionnaire, previous assessment reports, attestations, and other documents such as policies, procedures and standards 



We carefully analyze all documentation provided by the supplier to determine if the controls meet our clients' security standards and industry best practices. 



Besed on our assessment, we recommend control improvements, that are designed to enhance the information security posture of the vendor, to better protect our clients data. 


What Our Customers Are saying

The team at SecureCrest was very knowledgeable in all things third-party risk management. Our program is improved, and we have a better idea of potential security threats from our vendors and suppliers”

—  Information Security Manager, Regional hospital

SecureCrest has provided a unique insight in helping us assess the internal security controls of our most critical vendors and suppliers, enabling us to deliver our core services to our clients

—  CISO, Large Bank in NY

Get a thorough assessment of third-party risk to identify potential exposure and help determine the right mitigation strategies to protect your organization. Schedule your call today

bottom of page