Create Questionnaire


ESI offers a commercial supply chain vendor qualification service in which our trained professional will evaluate the questions as well as help you answer the questions which you receive from your client.  This also may lead to the need for assessments which have not been done that are needed to support the vendor questionnaire.  Such services could be internal and external vulnerability assessments, internal and external penetration testing, PCI scans, ROC record of compliance assessment, risk assessment, data segmentation, data discovery, network and cloud architecture review, etc. Supplying support documentation a long with a letter of attestation many times is the difference between winning a contract and or simply being denied approved status for future projects.

Vendor Questionnaire Service


Although CMMC will be a large part of the near future for the government sector the commercial space especially the regulated markets such as Banking, Energy, Petro Chemical, Education and Retail, are protecting themselves by creating web-portals that require vendors to apply. This process includes asking rigorous questions that sometimes ranging into the hundreds. Most organizations do not know how to deal with these often obscure and difficult to answer questions that range from product or services offered to compliance, level of experience and references. Unfortunately, organizations tend to just answer “yes” or simply miss-state capabilities to get thru the process and get the contract. This however is usually a very bad idea since if the entity is audited then it could be fined and or charged criminally for corporate negligence. This especially is critical if you are called a “covered entity” which means your company is part of the compliance requirements of your client.
The ESI offerings include both sides of the fence.

ADVISORY

as a 

SERVICE

CONVERGED

PHYSICAL   SECURITY

SOLUTIONS

​​Answer Questionnaire

ESI offers a commercial supply chain vendor qualification service in which our trained professional will evaluate the questions as well as help you answer the questions which you receive from your client.  This also may lead to the need for assessments which have not been done that are needed to support the vendor questionnaire.  Such services could be internal and external vulnerability assessments, internal and external penetration testing, PCI scans, ROC record of compliance assessment, risk assessment, data segmentation, data discovery, network and cloud architecture review, etc. Supplying support documentation a long with a letter of attestation many times is the difference between winning a contract and or simply being denied approved status for future projects.

CONVERGED

CYBER   SECURITY SOLUTIONS