Content library

Best practices for managing third-party risks

Third-party risk management is tough enough. With 3rdRisk, you won’t start from scratch. Use helpful content and best practices we've created with our partners, like risk management frameworks, control sets, and questionnaires. Meet regulations and reduce supplier risk efficiently.

Baseline Informatiebeveiliging Overheid (BIO)

This questionnaire is intended to evaluate adherence to the Dutch security baseline for government organizations.

Questionnaire

CIS Critical Security Controls

This questionnaire is designed to assess the maturity against the CIS Critical Security Controls.

Questionnaire

Corporate Sustainability Reporting Directive (CSRD)

The package includes 5 questionnaires to assess CSRD compliance and a set of predefined risks and controls following the directive.

Content package

Critical Raw Materials Act

This questionnaire is designed to assess compliance with the EU Critical Raw Materials Act of 2023.

Questionnaire

Deforestation Regulation

A best-practice questionnaire designed to evaluate how well organizations adhere to the EU's deforestation-free regulations.

Questionnaire

Digital Operational Resilience Act (DORA)

This package includes a pre-defined set of risks, controls, and questionnaires to ensure compliance with DORA.

Content package

General Data Protection Regulation (GDPR)

Best-practice assessment template to assess compliance with the GDPR.

Questionnaire

German Supply Chain Act (LkSG)

A best-practice questionnaire including all relevant requirements from the German supply chain law.

Questionnaire

ISO/IEC 14001

A best-practice questionnaire for environmental management following the 14001 controls.

Questionnaire

ISO/IEC 22301

Questionnaire for assessing business continuity management in line with the 22301.

Questionnaire

ISO/IEC 26000

This questionnaire can be used to assess organisations' contribution to sustainable development in line with the 26000.

Questionnaire

ISO/IEC 27001

Content package including control framework and questionnaires for assessing security in line with the 27001.

Content package

ISO/IEC 9001

Questionnaire to assess the extent to which organisations comply with the 9001.

Questionnaire

International Featured Standards (IFS)

Questionnaire for third-party risk assessments using the IFS food and non-food standards.

Questionnaire

NIST Cybersecurity Framework

A questionnaire designed to evaluate maturity in accordance with the NIST Cybersecurity Framework.

Questionnaire

Network & Information Security Directive (NIS2)

This questionnaire is aimed at NIS2 compliance and aligned with the ISO 27001 and NIS2 Quality Mark level 30.

Questionnaire

Standardized Information Gathering (SIG)

The Standardized Information Gathering (SIG) Questionnaire is a standardised questionnaire for third-party security and privacy assessments.

Questionnaire

Uyghur Forced Labor Prevention Act (UFLPA)

A best-practice questionnaire to evaluate organisational compliance with the UFLPA.

Questionnaire

Vendor Security Alliance (VSA)

A best-practice questionnaire for assessing the security maturity of organisations.

Questionnaire

Curated by our partners

The content in our Content Hub is continuously developed and kept up-to-date by subject matter experts from our partners. We collaborate with partners such as Deloitte, Protiviti, NTT DATA, and Eraneos. As a result, you will always have access to high-quality, up-to-date, and free-to-use content.

Our Content Hub is designed for immediate use of the content. With just a click of a button, you can activate a framework or questionnaire and use it right away. All content can also be downloaded, allowing you to customise it according to your preferences and tailor it to your specific context.

Carsten Hoffmann
NTT DATA

"I would definitely recommend 3rdRisk as a tool solution because of the quick implementation, the best-practice content and the outstanding usability of the platform, both for internal users and for our suppliers."