About this quiz. About this quiz. This is a readiness indicator, NOT an audit or a substitute for a real third-party risk program. It reflects the practical building blocks of frameworks like SOC 2 vendor management and NIST 800-161 supply-chain risk. Everything runs in your browser and is not saved.
// What this means for your business
A vendor breach is still your breach
A breach at a supplier or SaaS app is still your problem: your data, your customers, your reputation. We help Canadian businesses build a right-sized third-party risk program, who to vet, what to ask for, and how to watch the vendors that matter, so a weak link in your supply chain does not become your incident.