Free Download

Vendor Risk Assessment Template

A comprehensive vendor risk assessment template for ICT third-party providers. Covers due diligence, risk scoring, contractual clauses, and exit strategies aligned with DORA.

Built for organizations managing ICT third-party risk under DORA Articles 28-44. This template covers the full vendor lifecycle — from pre-contractual assessment to ongoing monitoring and exit planning.

Actionable checklist — not just theory
Built by EU compliance specialists
PDF format — print or share with your team
Completely free, no credit card needed

Get Your Free Checklist

No credit card required. Instant download.

We'll send the download link once to the email address you provide. Marketing emails are sent only if you tick the box above.

What's Inside

Everything you need to assess, plan, and execute your compliance journey.

Due Diligence Questionnaire — comprehensive pre-contractual assessment checklist
Risk Scoring Matrix — quantitative vendor risk evaluation framework
Contractual Requirements Checklist — DORA Art. 30 mandatory clauses
Concentration Risk Assessment — evaluate dependency on critical providers
Monitoring Plan template — ongoing vendor performance and risk tracking
Exit Strategy template — Art. 28(8) compliant transition planning
Subcontracting Chain Review — Art. 29(2) sub-processor oversight
Annual Review Process — structured vendor reassessment framework

Built for EU-regulated financial services

DORAISO 27001SOC 2NIS2

Frequently Asked Questions

Is this vendor assessment template free?

Yes, completely free. We created this template to help organizations manage ICT third-party risk effectively. Download instantly after entering your email.

Does this cover DORA third-party requirements?

Yes. The template maps to DORA Articles 28-44, covering all aspects of ICT third-party risk management including the Register of Information.

Can I use this for all vendors?

The template is designed for ICT third-party service providers as defined by DORA. You can adapt it for other vendor types, but the focus is on technology and service providers.

Get started

Ready to automate your compliance?

The checklist is just the beginning. Matproof automates evidence collection, policy generation, and continuous monitoring — so you can focus on your business.

Book a demoView pricing