vendor-management

Manage third-party vendor security risks.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.


Install skill "vendor-management" with this command: npx skills add bagelhole/devops-security-agent-skills/bagelhole-devops-security-agent-skills-vendor-management

Vendor Management


Vendor Assessment

assessment_process:
  1_identify:
    - Catalog all vendors
    - Classify by risk tier
  2_assess:
    - Security questionnaire
    - SOC 2 review
    - Penetration test results
  3_contract:
    - Security requirements
    - Data processing agreement
    - SLAs
  4_monitor:
    - Continuous monitoring
    - Annual reassessment
    - Incident notification

Risk Tiers

| Tier | Criteria | Assessment |
|------|----------|------------|
| Critical | Access to sensitive data | Full assessment, annual |
| High | Significant data access | Questionnaire + SOC 2 |
| Medium | Limited data access | Security questionnaire |
| Low | No data access | Basic due diligence |

Security Questionnaire

categories:
  governance:
    - Security policies
    - Risk management
    - Compliance certifications
  technical:
    - Access controls
    - Encryption
    - Vulnerability management
  operational:
    - Incident response
    - Business continuity
    - Change management

Best Practices

  • Tier-based assessments

  • Regular reassessment

  • Contract security terms

  • Incident notification requirements

  • Exit strategy planning

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
