AssessmentFree tool

Vendor Risk Scoring Tool

Third-party risk is your risk. This tool scores vendors across 5 dimensions: data security practices, financial stability, operational resilience, regulatory compliance, and contractual governance. Input vendor details, answer assessment questions, and get a composite risk score with tier classification (Critical, High, Medium, Low).

Data Security

SOC 2 or ISO 27001 certified?

Encryption at rest and in transit?

Regular penetration testing?

Financial Stability

Profitable or well-funded?

Insurance coverage adequate?

No recent credit downgrades?

Operational Resilience

SLA meets requirements?

Disaster recovery tested?

Geographic redundancy?

Regulatory Compliance

GDPR/privacy compliant?

Industry-specific certifications?

Regular compliance audits?

Contract Governance

Exit clause defined?

Data portability guaranteed?

Liability caps appropriate?

Constellation tracks vendor commitments as governance constraints

Take the governance health check →