๐ Recent activity
Loadingโฆ
Vendor risk
Track third-party vendors (cloud providers, SaaS, hardware suppliers, MSPs) and their security attestations. Auditors care about fourth-party risk; SOC 2 CC9 and ISO 27001 A.5.19 / A.5.20 / A.5.22 ask for it explicitly.
Total vendors
โ
High residual
โ
Critical residual
โ
Expiring < 60d
โ
| Vendor | Category | Criticality | Residual | Attestations | |
|---|---|---|---|---|---|
| Loading... | |||||
Trust note: vendor records live in $SC_DATA_DIR/vendor_risk.json — local file, never transmitted.