Vendor Risk Knowledge Hub

An objective comparison based on publicly available, high-level product information. Where equivalent information is unavailable for Lema, it is explicitly noted.

Latest Posts

Stay up to date with the latest thinking in third-party risk management.
Apr 2, 2026
A vendor risk score shouldn’t be a black box. Here’s how a well-designed model actually works: from inherent risk to residual risk, and every assurance layer in between.
Jan 22, 2026
If you’ve ever learned about a breach from the news at the same moment your CEO asks if you’re impacted, you know the feeling: the clock starts, the questions come fast, and the hardest part is often the simplest—do we even use them?
Mar 11, 2026
Organizations of all sizes have suppliers and vendors that constitute their supply chain. Larger businesses will have larger supply chains, but even SMEs need to consider and manage vendor risk.
Aug 12, 2025
In 2025, risk teams face a paradox: more data, less clarity. Public signals (like security ratings and breach data) are objective but often superficial.
Aug 8, 2023
Most organizations think vendor risk management happens after a contract is signed. In reality, the best chance to reduce risk happens before the contract is finalized or when it comes up for renewal.

Frequently Asked Questions

Common questions about vendor risk management and the VISO TRUST platform.

What is third-party risk management (TPRM)?

How does VISO TRUST assess vendors?

VISO TRUST uses AI-powered analysis to evaluate vendor security postures, combining automated questionnaires, document analysis, and continuous monitoring.

What is continuous monitoring and why does it matter?

Continuous monitoring provides real-time visibility into your vendors’ security posture, going beyond point-in-time assessments to catch risks as they emerge.

How do I onboard a new vendor?

Simply add the vendor to the VISO TRUST platform. Our AI will automatically gather intelligence and initiate the assessment workflow.

What compliance frameworks are supported?

VISO TRUST supports SOC 2, ISO 27001, NIST CSF, GDPR, HIPAA, PCI DSS, and many more — with customisable framework mappings.

Guides

In-depth guides to help you master vendor risk management.

Getting Started with Vendor Risk Management

A step-by-step guide for teams new to TPRM.

The Complete Guide to TPRM Automation

How to automate assessments, workflows, and reporting.

Vendor Assessment Questionnaire Templates

Ready-to-use templates aligned with major frameworks.

Resources
TPRM Framework Comparison Sheet

Side-by-side comparison of SOC 2, ISO 27001, NIST, and more.

Risk Scoring Methodology Whitepaper

Deep dive into how VISO TRUST calculates vendor risk scores.

2025 Third-Party Risk Benchmark Report

Industry benchmarks from 500+ organizations worldwide.