Due Diligence

Due diligence is the process of thoroughly investigating a vendor's security posture, compliance status, financial health, and operational practices before entering a contractual relationship, and on a recurring basis thereafter. It has traditionally relied on questionnaires; modern third-party cyber risk management combines questionnaire-based and outside-in technical evidence for a complete, independent picture.