Procurement, due diligence or security questionnaires, whatever you want to call them, are becoming far more common, and businesses we work with who haven't had them before are starting to get them.
We work quite widely in the security sector, and businesses there have started getting them from other companies that they work with. Generally, the questionnaires are based on the international standard ISO 27001. The questions can be phrased strangely, and it can be difficult to understand what they need from you. The questionnaires frequently ask for copies of policies and procedures to support good security practice. This can be a challenge when you don't have that documentation in place.
If you need some documents, check out our done-for-you page here.
Remember when completing the questionnaire to answer honestly. Your contract will be based on the answers. If you have lied or entered the answer you think they want to see, you could be liable if there is an issue further into the contract.
The questionnaire's aim is to ensure that the data and business information the requesting company shares with the supplier is held securely and confidentially. The requesting company will usually review its suppliers on a regular basis.
This week we've helped organisations who, though they have good practices in place, haven't documented them. So we've been working on creating policies that meet the ISO 27001 standard and completing their questionnaires so that they can continue to work with the companies who sent them.
If you would like to talk about procurement questionnaires or need help completing them, book a free call to see how we can help you.