Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is a vendor review?

Vendor review is a process by which an organization can understand the potential risks of utilizing a vendor’s product or service, as well as an ongoing process to ensure that quality security practices are being maintained in an ongoing fashion. A vendor review process will assess a vendor’s capacity to maintain effective and appropriate security practices and other performance elements critical to an organization’s business. Vendor review is particularly critical when vendors will have access to sensitive internal or customer data.

An organization may develop different vendor review processes for its different vendor types. Vendor reviews will address a range of areas of risk that working with the vendor could pose to an organization, including but not limited to review of a vendor’s physical environment security, organizational security, human resource security, data handling processes, asset management, and more.


Establishing and maintaining regular vendor review processes will help ensure that an organization is effectively monitoring not only its internal security processes, but the security of all the services that comprise its operational ecosystem. If vendors have access to a company’s internal or customer data, the quality of their security practices is as important as the quality of an organization’s own practices.

{{cta_simple5="/cta-modules"}}

Additional resources you might like:

Compliance
Vanta events | Vanta
The State of Trust: Top Security & Compliance Trends for 2025

Join us live as we discuss key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance
Vanta events | Vanta
Fostering a culture of security in an AI world

Watch our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

ISO 42001
Vanta events | Vanta
How to demonstrate secure AI practices with ISO 42001

Watch Vanta and A-LIGN's Coffee and Compliance session on ISO 42001 —what it is, what types of organizations need it, and how it works.

Additional resources you might like:

Compliance
Vanta events | Vanta
The State of Trust: Top Security & Compliance Trends for 2025

Join us live as we discuss key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance
Vanta events | Vanta
Fostering a culture of security in an AI world

Watch our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

ISO 42001
Vanta events | Vanta
How to demonstrate secure AI practices with ISO 42001

Watch Vanta and A-LIGN's Coffee and Compliance session on ISO 42001 —what it is, what types of organizations need it, and how it works.

Security
Vanta events | Vanta
How Trust Centers Help Save Time and Accelerate Sales

Discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.

HIPAA
Vanta events | Vanta
Choosing the right HITRUST certification level and streamlining implementation

As an authorized reseller, Vanta’s pre-built HITRUST solution natively includes the necessary controls, documents, and policies - eliminating the manual “do-it-yourself” approach that other platforms require. Curious to see this in action? Join Vanta and HITRUST for a live session!

Product updates
Blog
Introducing new Vanta capabilities to automatically improve your security posture

Today we’re excited to announce a framework for the CIS Critical Security Controls® 8.1, automated tests aligned to the CIS Foundation Benchmarks, and enhancements to the Vanta API.

Compliance
Vanta events | Vanta
Audit Prep Excellence: Your Path to Success

Join our interactive webinar featuring experts in compliance auditing for a live Q&A session. We'll dive into essential tips for preparing for various compliance audits, guide you through the nuances of both ISO 27001 and SOC 2 standards, and discuss best practices for maintaining continuous compliance.

Product updates
Vanta events | Vanta
What's New in Vanta: July

Are you curious about new Vanta features? Join Vanta's 'What's New in Vanta' webinar to discover new features and enhancements. Register now!

Product updates
Blog
Expanding the Vanta API to connect auditor tools

The Vanta API now supports auditor workflows. Improve efficiency and accuracy by integrating Vanta into your auditor tools to seamlessly sync data and enhance client collaboration.