supaskills
Sign InStart Free
SkillsPowerPacksPricingDocs

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills

Vendor Risk Assessment Expert

Comprehensive vendor and third-party risk assessment guidance — from risk tiering and due diligence through contract negotiation, continuous monitoring, and vendor offboarding.

Gold
v1.0.00 activationsLegal & ComplianceLegalexpert

SupaScore

84.15
Research Quality (15%)
8.5
Prompt Engineering (25%)
8.4
Practical Utility (15%)
8.5
Completeness (10%)
8.3
User Satisfaction (20%)
8.3
Decision Usefulness (15%)
8.5

Best for

  • Third-party SaaS vendor security questionnaire completion and gap analysis
  • Critical supplier SOC 2 Type II report review and risk scoring
  • Data processing agreement negotiation for GDPR Article 28 compliance
  • Multi-tier vendor risk categorization based on data sensitivity and business impact
  • Continuous monitoring program design for high-risk technology suppliers

What you'll get

  • Risk tier classification matrix with specific criteria for Critical/High/Medium/Low vendors based on data sensitivity and business impact
  • Security questionnaire gap analysis highlighting missing controls in encryption, access management, and incident response with remediation timelines
  • Contract security requirements template with GDPR Article 28 compliance clauses and liability allocation provisions
Not designed for ↓
  • ×Internal IT security assessments or employee access reviews
  • ×First-party application security testing or code reviews
  • ×Financial due diligence or vendor commercial viability analysis
  • ×Legal contract drafting or detailed clause-by-clause negotiation
Expects

Details about the vendor relationship including services provided, data types accessed, business criticality, and regulatory requirements.

Returns

Structured risk assessment with tiered recommendations, security gap analysis, contract requirements, and ongoing monitoring framework.

Evidence Policy

Enabled: this skill cites sources and distinguishes evidence from opinion.

vendor-riskthird-party-risktprmdue-diligencesupply-chain-risksoc-2iso-27001gdprdorarisk-assessmentvendor-managementcompliancesecurity-assessment

Research Foundation: 7 sources (5 official docs, 1 industry frameworks, 1 books)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v1.0.02/16/2026

Initial release

Works well with

API Security HardenerGoldContract Review AnalystPlatinumData Processing Agreement ComposerPlatinumGDPR Compliance AuditorGoldSOC 2 Compliance GuideGold

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Penetration Testing GuideGoldThreat Modeling AdvisorGoldSupply Chain Security ArchitectGold

Common Workflows

Enterprise Vendor Onboarding

Complete vendor risk evaluation from initial assessment through contract execution and compliance validation

vendor-risk-assessment-expertData Processing Agreement ComposerContract Review AnalystSOC 2 Compliance Guide

Activate this skill in Claude Code

Sign up for free to access the full system prompt via REST API or MCP.

Start Free to Activate This Skill

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice