Free Download

The Vendor Risk Assessment Template

A comprehensive vendor risk assessment template for ICT third-party providers. Covers due diligence, risk scoring, contractual clauses, and exit strategies aligned with DORA.

Built for organizations managing ICT third-party risk under DORA Articles 28-44. This template covers the full vendor lifecycle — from pre-contractual assessment to ongoing monitoring and exit planning.

Actionable checklist — not just theory
Used by compliance teams across Europe
PDF format — print or share with your team
Completely free, no credit card needed

Get Your Free Checklist

No credit card required. Instant download.

By downloading, you agree to receive the checklist and optional compliance updates. Unsubscribe anytime.

What's inside

Everything you need to get compliant.

Due Diligence Questionnaire — comprehensive pre-contractual assessment checklist
Risk Scoring Matrix — quantitative vendor risk evaluation framework
Contractual Requirements Checklist — DORA Art. 30 mandatory clauses
Concentration Risk Assessment — evaluate dependency on critical providers
Monitoring Plan template — ongoing vendor performance and risk tracking
Exit Strategy template — Art. 28(8) compliant transition planning
Subcontracting Chain Review — Art. 29(2) sub-processor oversight
Annual Review Process — structured vendor reassessment framework

Trusted by 50+ European financial institutions

DORAISO 27001SOC 2NIS2

Frequently Asked Questions

Is this vendor assessment template free?

Yes, completely free. We created this template to help organizations manage ICT third-party risk effectively. Download instantly after entering your email.

Does this cover DORA third-party requirements?

Yes. The template maps to DORA Articles 28-44, covering all aspects of ICT third-party risk management including the Register of Information.

Can I use this for all vendors?

The template is designed for ICT third-party service providers as defined by DORA. You can adapt it for other vendor types, but the focus is on technology and service providers.

Get started

Ready to automate your compliance?

The checklist is just the beginning. Matproof automates evidence collection, policy generation, and continuous monitoring — so you can focus on your business.

Start free trialView pricing