Please use the specific product/service name as listed on the company's website.
Please link to the direct informational URL of the cloud service/product that you would like to be considered for assessment. Do not include custom links based on customers or generic links relating to the company.
For SaaS Providers, the cloud service provider/manufacturer is not the underlying IaaS/PaaS provider. The manufacturer in this context is the entity responsible for the security of the product being offered overall, regardless of if the service is delivered through the use of multiple cloud providers.
15. If you would like to submit third-party assessment artifacts directly for provisional status consideration, please attach the relevant documentation here. Otherwise, we will launch a questionnaire around the requested assessment initiation date to the primary contact provided to upload documentation through the SPECTRIM Vendor Portal.
NOTE: SELF-REPORTED ARTIFACTS (E.G. HECVAT) AND NDA-RESTRICTED/CLICKWRAPPED ARTIFACTS ARE NOT ACCEPTED FORMS FOR CONSIDERATION. THE DOCUMENTATION MUST INCLUDE AN INDEPENDENT THIRD-PARTY REPORT OF AN ASSESSMENT, INCLUDING THE EVALUATION OF THE SECURITY POSTURE OF THE SERVICE TO BE EVALUATED.
Note: this is the date requested for the assessment questionnaire to be launched to the respondent. This is not a guaranteed date for beginning the assessment, but helps identify the providers ability to readily provide information and documentation required by the assessment. This question requires a valid date format of MM/DD/YYYY.
This question requires a valid date format of MM/DD/YYYY.
The due date is required to be populated prior to launching the assessment questionnaire. You may submit a questionnaire early, but unsubmitted questionnaires are automatically deleted 180 days after the due date. Please select a reasonable due date to ensure the questionnaire is not deleted. This question requires a valid date format of MM/DD/YYYY.