I'm currently looking to compare what I have created for a Supplier Due-Diligence Questionnaire however finding it difficult to even find any information out there. Is there a Basic standard that we should be covering and then look to follow up with a more in depth one.
Any help any advice would be appreciated.
Thank you.
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Guest
Antonio Jose Segovia
Oct 11, 2016
If your question is about how to evaluate supplier performance, the best standard for this, from my point of view, is ISO 9001 (related to the quality), this article can be interesting for you “How to evaluate supplier performance according to ISO 9001:2015” : https://advisera.com/9001academy/blog/2015/10/27/how-to-evaluate-supplier-performance-according-to-iso-90012015/
Keep in mind that ISO 27001 is about the protection of information, so the evaluation of suppliers is secondary, although it is also important, but the evaluation of providers is more related to the quality (ISO 9001). Maybe this article can be also interesting for you “6-step process for handling supplier security according to ISO 27001” : https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Regarding the specific question about due diligence, you can also see it as an internal audit, so these articles can be interesting for you:
"How to make an Internal Audit checklist for ISO 27001 / ISO 22301" : https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
"ISO 9001 Audit Checklist" : https://advisera.com/9001academy/knowledgebase/iso-9001-audit-checklist/
Keep in mind that ISO 27001 is about the protection of information, so the evaluation of suppliers is secondary, although it is also important, but the evaluation of providers is more related to the quality (ISO 9001). Maybe this article can be also interesting for you “6-step process for handling supplier security according to ISO 27001” : https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Regarding the specific question about due diligence, you can also see it as an internal audit, so these articles can be interesting for you:
"How to make an Internal Audit checklist for ISO 27001 / ISO 22301" : https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
"ISO 9001 Audit Checklist" : https://advisera.com/9001academy/knowledgebase/iso-9001-audit-checklist/
Comment as guest or Sign in
Oct 10, 2016
Oct 11, 2016
Oct 11, 2016