Get Access to Our Community of Shared Risk Assessments  |  Claim 10 Free & Completed Vendor Risk Assessments


Welcome to Vendorpedia

Trusted by Over 5,000 Global Customers

The OneTrust Vendorpedia Third-Party Risk Management Platform

Global Risk Exchange Software

Cyber Risk Exchange

Research vendors and monitor performance with a research database and pre-completed assessments

Vendor Chasing Services

Vendor Chasing Services™

Enlist a Vendorpedia agent to perform vendor risk assessments on your behalf

Vendor Risk Assessments and Due Diligence

Assessments & Due Diligence

Streamline supplier selection, assessment, mitigation, and approvals with workflow automation


Personalized Automation Workflows to Meet Your Use Case

Manage the vendor lifecycle, from selection to onboarding and through to supplier termination. Identify bottlenecks and use assessment automation technology to perform faster due diligence, speeding up procurement to get your team the tools they need to succeed, without sacrificing security or compliance.

Fueled by OneTrust DataGuidance Intelligence

Vendorpedia is powered by OneTrust DataGuidance intelligence to offer regulatory, security, privacy, and third-party risk research from over 50 in-house researchers and a global network of 500 lawyers. Research your vendors with a database of aggregated vendor information from public and private sources to understand the state of your vendors’ security, privacy, and compliance programs.

Proactive Monitoring for Ongoing Vendor Oversight

Maintain a watchful eye on all your vendors to identify critical risk and performance changes that occur over time. Get notified and automate actions when changes that affect security, privacy, compliance, and performance arise. With Vendorpedia, you can monitor vendor breaches; regulatory enforcement actions; security certification lapses; SLA performance; 4th-party changes; controls; contract expirations; internal use case changes; and much more. And when these events occur, leverage configurable automation workflows to rapidly respond.

Clarity at Every Level of Your
Third-Party Risk Program

Build an inventory of every vendor, with the granularity to track the information you care about most, all while maintaining records for compliance for every product, service, contract, and supplier engagement. Extract and monitor key contract terms and SLAs, as well as keep your vendor inventory up to date.

Prescriptive Functionality for Every Team, from Procurement to IT

Streamline communication across teams with roles-based access controls for third-party risk, infosec, procurement, sourcing, IT, and privacy professionals. Automate task delegation, track activity to maintain audit trails, and configure automation rules to develop systematic processes, as well as increase accountability across your team.

Simplified and Centralized Risk Management

Personalize your risk scoring framework to track inherent and residual risks. Using Vendorpedia, you can flag risks automatically with intelligent assessments and kick off repeatable risk treatment workflows that align to goals. When a risk emerges, take necessary actions, such as accepting the risk, making mitigation recommendations, or assigning controls. Lastly, track risks in a central register to identify risky vendors and prioritize treatment.

Want to see the Vendorpedia platform in action?


As of February 13th, 2020, OneTrust Vendor Risk Management has an Overall Rating of 4.8 out of 5 in the IT Vendor Risk Management market based on 68 reviews.

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

Support for Your Industry and Hundreds of Standards, Frameworks, and Laws

Recommended Resources