Free Supplier Risk Assessment

Free supplier security check – tailored for Australia and New Zealand

Your security is only as strong as the weakest vendor with access to your systems or data. This free assessment covers vendor inventory & tiering, due diligence, contractual protections, ongoing monitoring, and offboarding. It helps you identify gaps in your third‑party risk management programme before they become incidents.

New Zealand context: References the Privacy Act 2020 and NZISM supply chain security expectations. Under the Privacy Act, you are responsible for how third parties handle personal information on your behalf.

Australian context: Aligned with the Privacy Act 1988 (Cth)Notifiable Data Breaches (NDB) scheme, and APRA CPS 234 for financial services. Regulators expect you to manage supplier risk – this assessment shows you where to focus.

This free self‑assessment takes about 6 minutes. You’ll receive a risk rating (Critical → Low), a list of missing controls, and a prioritised action plan – no obligation.

Already managing some vendors? Deepen your analysis with our AI Readiness Assessment (for AI vendor risks) or Cyber Insurance Readiness (insurers now ask about vendor risk).

  • Vendor inventory & tiering

    Current vendor register, risk tiering (critical / high / standard), annual review process.

  • Onboarding & due diligence

    Security questionnaires, certification reviews (ISO 27001, SOC 2), privacy impact assessments, background checks.

  • Contractual protections

    Security obligations, data processing agreements (DPAs), breach notification timelines, right to audit.

  • Ongoing monitoring

    Access reviews, incident monitoring, annual reassessments.

  • Offboarding & fourth‑party risk

    Data return/deletion, access revocation, visibility into sub‑processors, concentration risk assessment.

  • Benchmark comparison

    See how your vendor risk programme compares to other AU/NZ organisations assessed.