Example Vendor Compliance Program (VCP)

Example Vendor Compliance Program (VCP) based on ISO 27002 or NIST 800-53 

The Vendor Compliance Program (VCP) fills a growing need for companies to better manage risks with service providers and vendors. We listened to our customers' requests and developed an editable Microsoft Word document that you can customize, while the Vendor Compliance Program itself remains based on industry-recognized best practices for managing information security risks.

Your ISO or NIST Vendor Compliance Program will be in Microsoft Word format, so you can edit it as necessary to meet your own specific needs. This allows you to edit sections or even delete controls that you may not need to cover. 


See For Yourself - Example Vendor Compliance Program

Don't take our word for it - take a look at the example Vendor Compliance Program (VCP) to see for yourself the level of professionalism and detail that went into it.


ISO 27002 Version        NIST 800-53 Version


Vendor Compliance Program (VCP) Highlights

  • Information Security Governance
  • Information Security Policies
  • Human Resources Security
  • Security Education & Awareness
  • Information Risk Analysis
  • Asset Management
  • Identity & Access Management
  • Physical & Environmental Security
  • System Configuration
  • System Monitoring
  • Network Security
  • Cryptography
  • Information Privacy
  • Malware Protection
  • Vulnerability Management
  • System Acquisition, Development & Maintenance
  • Change Management
  • Information Security Incident Management
  • Business Continuity & Disaster Recovery (BCDR)
  • Processing Facilities
  • Vendor Management
  • Compliance
