Sample questionnaires
The questionnaire that you use can depend on your industry, geographic area, jurisdiction, or the particular nature of your operations. These questionnaires are provided as part of the base system and are samples that shouldn’t be implemented into your risk management program without first being reviewed and approved by your legal team.
Types of TPRM SAE Questionnaire template
After upgrading to version 22.0.2 and installing the Unified Content Management application, you can view these questionnaire templates by navigating to , select the unified content management icon 
and then navigate to Smart assessment templates.
| Name | Risk Area | Regulation or Purpose | Classification |
|---|---|---|---|
| Information Security & Cybersecurity Document Request | Information Security & Cyber Risk | This template is designed to collect comprehensive documentation related to the vendor's information security program, cybersecurity controls, and technical safeguards. It validates the vendor's ability to protect sensitive data, systems, and infrastructure from cyber threats, unauthorised access, and security incidents. Essential for assessing vendors with access to IT systems, networks, or sensitive information. | TPRM external document request |
| Regulatory Compliance & Legal Document Request | Regulatory Compliance & Legal Risk | This template collects documentation to verify your organisation's adherence to applicable laws, regulations, industry standards, and contractual obligations. We need to evaluate your compliance posture across relevant regulatory frameworks and your ability to meet legal and regulatory requirements. This assessment is essential given the regulated nature of our industry and the regulated data we handle. | TPRM external document request |
| Business Continuity & Operational Resilience Document Request | Business Continuity & Operational Resilience Risk | This template requests documentation to evaluate your organisation's capability to maintain operations during disruptions, disasters, or crisis events. We need to assess recovery capabilities, redundancy measures, and operational resilience frameworks. This is critical given your role in providing essential services where downtime could significantly impact our organisation's operations. | TPRM external document request |
| Inherent risk questionnaire | Inherent Third-Party Risk | Internal questionnaire template for assessing inherent risk during due diligence requests. | TPRM internal IRQ |
| IRQ - 3rd Party Engagement Renewal | Inherent Third-Party Risk | Internal questionnaire for assessing third-party engagement renewal requirements. | TPRM internal IRQ |
| IRQ - 3rd Party Engagement Onboarding - EU | Inherent Third-Party Risk | Internal questionnaire for third-party engagement onboarding specific to European Union region. | TPRM internal IRQ |
| IRQ - 3rd Party Engagement Onboarding | Inherent Third-Party Risk | Internal questionnaire for third-party engagement onboarding process. | TPRM internal IRQ |
| IRQ - 3rd Party Engagement Offboarding Due Diligence | Inherent Third-Party Risk | Internal questionnaire for third-party engagement offboarding with additional due diligence activities. | TPRM internal IRQ |
| IRQ - 3rd Party Eng. Onboarding - Singapore | Inherent Third-Party Risk | Internal questionnaire for third-party engagement onboarding specific to Singapore region. | TPRM internal IRQ |
| IRQ - 3rd Party Eng. Offboarding No Due Diligence | Inherent Third-Party Risk | Internal questionnaire for third-party engagement offboarding without additional due diligence requirements. | TPRM internal IRQ |
| IRQ - 3rd Party Eng. Additional Due Diligence | Inherent Third-Party Risk | Internal questionnaire for conducting additional due diligence on third-party engagements. | TPRM internal IRQ |
| SIG Lite | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Lite questionnaire for streamlined third-party risk assessment (2025 version). | TPRM external SIG questionnaire |
| SIG Lite | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Lite questionnaire for streamlined third-party risk assessment (2024 version). | TPRM external SIG questionnaire |
| SIG Lite | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Lite questionnaire for streamlined third-party risk assessment (2023 version). | TPRM external SIG questionnaire |
| SIG Detail | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Full questionnaire for detailed third-party risk assessment (2025 version). | TPRM external SIG questionnaire |
| SIG Detail | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Full questionnaire for detailed third-party risk assessment (2024 version). | TPRM external SIG questionnaire |
| SIG Detail | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Full questionnaire for detailed third-party risk assessment (2023 version). | TPRM external SIG questionnaire |
| SIG Core | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Core questionnaire for comprehensive third-party risk assessment (2025 version). | TPRM external SIG questionnaire |
| SIG Core | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Core questionnaire for comprehensive third-party risk assessment (2024 version). | TPRM external SIG questionnaire |
| SIG Core | Multi-Domain Third-Party Risk | Standardized Information Gathering (SIG) Core questionnaire for comprehensive third-party risk assessment (2023 version). | TPRM external SIG questionnaire |
| Workplace Safety and Health Act WSHA - Sample Ques. - Singapore | Workplace Safety & Labor Risk | Sample questionnaire for assessing compliance with Singapore Workplace Safety and Health Act. | TPRM external questionnaire |
| TradeFirst - Sample Questionnaire - Singapore | Supply Chain & Operational Resilience Risk | Sample questionnaire for assessing compliance with Singapore TradeFirst requirements. | TPRM external questionnaire |
| TPRM General Question Sample Questionnaire | Multi-Domain Third-Party Risk | General sample questionnaire covering common third-party risk management assessment areas. | TPRM external questionnaire |
| Sustainable Singapore Blueprint - Sample Ques - Singapore | ESG & Sustainability Risk | Sample questionnaire for assessing alignment with Singapore Sustainable Blueprint initiatives. | TPRM external questionnaire |
| Supply Chain Resiliency - Sample Questionnaire | Supply Chain & Operational Resilience Risk | Sample questionnaire for assessing supply chain resilience and continuity planning. | TPRM external questionnaire |
| Supply Chain - Sample Questionnaire | Supply Chain & Operational Resilience Risk | Sample questionnaire for assessing supply chain management practices and risks. | TPRM external questionnaire |
| Strategic Goods (Control) Act - Sample Ques. - Singapore | Trade & Export Compliance Risk | Sample questionnaire for assessing compliance with Singapore Strategic Goods Control Act. | TPRM external questionnaire |
| Singapore anti-corruption and bribery regulations - Sample Ques. - Singapore | Financial Crime & Ethics Risk | Sample questionnaire for assessing compliance with Singapore anti-corruption and bribery regulations. | TPRM external questionnaire |
| SOX - Sample Questionnaire | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Sarbanes-Oxley Act requirements. | TPRM external questionnaire |
| SEC - Sample Questionnaire | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Securities and Exchange Commission requirements. | TPRM external questionnaire |
| RBI Reserve Bank of India - Sample Questionnaire - India | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Reserve Bank of India regulations. | TPRM external questionnaire |
| PSD2 Payment - Sample Questionnaire - EU | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Payment Services Directive 2 requirements. | TPRM external questionnaire |
| PDPA Personal Data Protection Act - Sample Ques. - Singapore | Data Privacy & Protection Risk | Sample questionnaire for assessing compliance with Singapore Personal Data Protection Act. | TPRM external questionnaire |
| PCI DSS - Sample Questionnaire | Payment Card & Data Security Risk | Sample questionnaire for assessing vendor compliance with Payment Card Industry Data Security Standard. | TPRM external questionnaire |
| Operational Resiliency - Sample Questionnaire | Business Continuity & Operational Resilience Risk | Sample questionnaire for assessing vendor operational resilience and recovery capabilities. | TPRM external questionnaire |
| OSHA - Sample Questionnaire | Workplace Safety & Labor Risk | Sample questionnaire for assessing vendor compliance with Occupational Safety and Health Administration requirements. | TPRM external questionnaire |
| NIST - Sample Questionnaire | Information Security & Cyber Risk | Sample questionnaire for assessing vendor alignment with NIST cybersecurity framework. | TPRM external questionnaire |
| MiFID II Markets in Financial Instruments Directive II - Sample Questionnaire - EU | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing compliance with MiFID II financial instruments directive. | TPRM external questionnaire |
| Medical Billing - Sample Questionnaire | Healthcare & Regulatory Compliance Risk | Sample questionnaire for assessing medical billing vendor compliance and practices. | TPRM external questionnaire |
| MAS Monetary Authority of Singapore BCM - Sample Ques. - Singapore | Business Continuity & Operational Resilience Risk | Sample questionnaire for assessing compliance with MAS business continuity management guidelines. | TPRM external questionnaire |
| IRS Internal Revenue Service - Sample Questionnaire - US | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Internal Revenue Service requirements. | TPRM external questionnaire |
| Hi-Trust Health Info Trust Alliance - Sample Questionnaire | Information Security & Cyber Risk | Sample questionnaire for assessing vendor compliance with HITRUST security framework. | TPRM external questionnaire |
| HIPPA - Sample Questionnaire | Health Data Privacy Risk | Sample questionnaire for assessing vendor compliance with HIPAA health information privacy requirements. | TPRM external questionnaire |
| German Supply Chain Due Diligence - Sample Questionnaire - EU | Supply Chain & Human Rights Risk | Sample questionnaire for assessing compliance with German Supply Chain Due Diligence Act. | TPRM external questionnaire |
| Gen AI - Sample Questionnaire | AI Governance & Model Risk | Sample questionnaire for assessing generative AI vendor risks and governance practices. | TPRM external questionnaire |
| GLBA Gramm-Leach-Bliley Act - Sample Questionnaire - US | Financial Privacy Risk | Sample questionnaire for assessing compliance with Gramm-Leach-Bliley Act financial privacy requirements. | TPRM external questionnaire |
| GDPR - Sample Questionnaire | Data Privacy & Protection Risk | Sample questionnaire for assessing vendor compliance with General Data Protection Regulation requirements. | TPRM external questionnaire |
| Financial - Sample Questionnaire | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor financial health and stability. | TPRM external questionnaire |
| FTC - Sample Questionnaire | Regulatory Compliance & Legal Risk | Sample questionnaire for assessing vendor compliance with Federal Trade Commission requirements. | TPRM external questionnaire |
| FDA - Sample Questionnaire | Healthcare & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Food and Drug Administration regulations. | TPRM external questionnaire |
| FCPA Sample Questionnaire - UK | Financial Crime & Ethics Risk | Sample questionnaire for assessing vendor compliance with Foreign Corrupt Practices Act requirements. | TPRM external questionnaire |
| FAA Federal Aviation Admin Sample Questionnaire - US | Transportation & Safety Compliance Risk | Sample questionnaire for assessing vendor compliance with Federal Aviation Administration regulations. | TPRM external questionnaire |
| Export Control - Sample Questionnaire | Trade & Export Compliance Risk | Sample questionnaire for assessing vendor compliance with export control regulations. | TPRM external questionnaire |
| Environmental Lite EPA - Sample Questionnaire | ESG & Sustainability Risk | Streamlined questionnaire for assessing vendor environmental compliance with EPA standards. | TPRM external questionnaire |
| Environmental Full - Sample Questionnaire | ESG & Sustainability Risk | Comprehensive questionnaire for assessing vendor environmental compliance and sustainability practices. | TPRM external questionnaire |
| Element Product Risk - Sample | Regulatory Compliance & Legal Risk | Sample questionnaire for assessing product-related risk factors. | TPRM external questionnaire |
| Element Facility Risk - Sample | Regulatory Compliance & Legal Risk | Sample questionnaire for assessing facility-related risk factors. | TPRM external questionnaire |
| Element Facility Datacenter Risk - Sample | Physical & Logical Security Risk | Sample questionnaire for assessing datacenter facility risk factors. | TPRM external questionnaire |
| Element Beneficial Owner Risk - Sample | Financial Crime & Ethics Risk | Sample questionnaire for assessing beneficial ownership risk factors. | TPRM external questionnaire |
| EU-OSHA - Sample Ques. - EU | Workplace Safety & Labor Risk | Sample questionnaire for assessing vendor compliance with EU Occupational Safety and Health Agency requirements. | TPRM external questionnaire |
| ESG Questionnaire | ESG & Sustainability Risk | Best practice questionnaire for assessing Environmental, Social, and Governance risk factors. | TPRM external questionnaire |
| Data Center Security | Physical & Logical Security Risk | Questionnaire for assessing data center physical and logical security controls. | TPRM external questionnaire |
| DOT Department of Transportation - Sample Questionnaire - US | Transportation & Safety Compliance Risk | Sample questionnaire for assessing vendor compliance with US Department of Transportation regulations. | TPRM external questionnaire |
| Cyber Essentials - Sample Questionnaire | Information Security & Cyber Risk | Sample questionnaire for assessing vendor compliance with Cyber Essentials certification requirements. | TPRM external questionnaire |
| Conflict Minerals - Sample Questionnaire | Supply Chain & ESG Risk | Sample questionnaire for assessing vendor compliance with conflict minerals regulations. | TPRM external questionnaire |
| Competition Act Chapter 50B - Sample Ques. Singapore | Competition & Antitrust Risk | Sample questionnaire for assessing compliance with Singapore Competition Act Chapter 50B. | TPRM external questionnaire |
| Competition - Sample Questionnaire | Competition & Antitrust Risk | Sample questionnaire for assessing vendor compliance with competition and antitrust requirements. | TPRM external questionnaire |
| Cloud Security | Cloud Security Risk | General questionnaire for assessing cloud service provider security controls and practices. | TPRM external questionnaire |
| CWA Clean Water Act - Sample Questionnaire | ESG & Sustainability Risk | Sample questionnaire for assessing vendor compliance with Clean Water Act requirements. | TPRM external questionnaire |
| CSA Cyber Security Agency of Singapore - Sample Ques.- Singapore | Information Security & Cyber Risk | Sample questionnaire for assessing compliance with Cyber Security Agency of Singapore requirements. | TPRM external questionnaire |
| CPRA California Privacy Rights Act - Sample Questionnaire | Data Privacy & Protection Risk | Sample questionnaire for assessing vendor compliance with California Privacy Rights Act requirements. | TPRM external questionnaire |
| CIS Critical Security Controls - Sample Questionnaire | Information Security & Cyber Risk | Sample questionnaire for assessing vendor implementation of CIS Critical Security Controls. | TPRM external questionnaire |
| CFPB - Sample Questionnaire | Financial & Regulatory Compliance Risk | Sample questionnaire for assessing vendor compliance with Consumer Financial Protection Bureau requirements. | TPRM external questionnaire |
| CCPA - Sample Questionnaire | Data Privacy & Protection Risk | Sample questionnaire for assessing vendor compliance with California Consumer Privacy Act requirements. | TPRM external questionnaire |
| CAIQ 4.0.2 Sample Questionnaire | Cloud Security Risk | Sample questionnaire based on Cloud Security Alliance Consensus Assessments Initiative Questionnaire v4.0.2. | TPRM external questionnaire |
| CAA Clean Air Act - Sample Questionnaire | ESG & Sustainability Risk | Sample questionnaire for assessing vendor compliance with Clean Air Act requirements. | TPRM external questionnaire |
| Bribery Act 2010 - Sample Questionnaire | Financial Crime & Ethics Risk | Sample questionnaire for assessing vendor compliance with UK Bribery Act 2010 requirements. | TPRM external questionnaire |
| BCM - Sample Questionnaire | Business Continuity & Operational Resilience Risk | Sample questionnaire for assessing vendor Business Continuity Management practices. | TPRM external questionnaire |
| AML - Sample Questionnaire | Financial Crime & Ethics Risk | Sample questionnaire for assessing vendor Anti-Money Laundering controls and compliance. | TPRM external questionnaire |
| AI Vendor Risk Assessment for Fully Managed AI Service (Provider/Processor) | AI Governance & Model Risk | Questionnaire for assessing risks associated with fully managed AI service providers and processors. | TPRM external questionnaire |
| ABAC - Sample Questionnaire | Financial Crime & Ethics Risk | Sample questionnaire for assessing vendor Anti-Bribery and Anti-Corruption controls. | TPRM external questionnaire |
| 12CFR Part 1016 Privacy -Sample Questionnaire | Financial Privacy Risk | Sample questionnaire for assessing compliance with 12 CFR Part 1016 privacy regulations. | TPRM external questionnaire |
| Accessibility questions for Software Vendors | Accessibility & Regulatory Compliance Risk | TPRM external questionnaire | TPRM external questionnaire |
| Fourth-party registration questionnaire | Supply Chain & Fourth-Party Risk | Fourth-party registration questionnaire | TPRM external 4th-party questionnaire |
Types of Questionnaire template
You can view these questionnaire templates by navigating to .
| Name | Risk Area | Regulation or Purpose | Classification |
|---|---|---|---|
| IRQ - 3rd Party Engagement Onboarding | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Engagement Onboarding - Singapore | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Engagement Onboarding - EU | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Engagement Additional Due Diligence | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Engagement Renewal | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Eng. Offboarding No Due Diligence | None | Scope external due diligence sent | IRQ Template |
| IRQ - 3rd Party Eng. Offboarding with Due Diligence | None | Scope external due diligence sent | IRQ Template |
| OSHA - Sample Questionnaire | Compliance Risk | OSHA | Questionnaire template |
| FDA - Sample Questionnaire | Compliance Risk | FDA | Questionnaire template |
| Financial - Sample Questionnaire | Financial Risk | Questionnaire template | |
| ABAC - Sample Questionnaire | Anti-Bribery and Corruption Risk | Questionnaire template | |
| Export Control - Sample Questionnaire | Business Continuity Risk | Questionnaire template | |
| Supply Chain - Sample Questionnaire | Business Continuity Risk | Questionnaire template | |
| CCPA - Sample Questionnaire | Privacy Risk | Questionnaire template | |
| HIPPA - Sample Questionnaire | Privacy Risk | Questionnaire template | |
| GDPR - Sample Questionnaire | Privacy Risk | Questionnaire template | |
| BCM - Sample Questionnaire | Business Continuity Risk | Questionnaire template | |
| NIST - Sample Questionnaire | Security Risk | Questionnaire template | |
| Environmental Full - Sample Questionnaire | Environmental Risk | Questionnaire template | |
| Environmental Lite - Sample Questionnaire | Environmental Risk | Questionnaire template | |
| ESG - Sample Questionnaire | Environmental Risk | Questionnaire template | |
| CAIQ 4.0.2 Sample Questionnaire | Security Risk | Questionnaire template | |
| FCPA Sample Questionnaire - UK | Anti-Bribery and Corruption Risk | Questionnaire template | |
| TPRM General Question Sample Questionnaire | Compliance Risk | Questionnaire template | |
| German Supply Chain Due Diligence - Sample Questionnaire - EU | Business Continuity Risk | Questionnaire template | |
| PCI DSS - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| SOX - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| AML - Sample Questionnaire | Anti-Bribery and Corruption Risk | Questionnaire template | |
| SEC - Sample Questionnaire | Financial Risk | Questionnaire template | |
| CFPB - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| FTC - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| CAA Clean Air Act - Sample Questionnaire | Environmental Risk | Questionnaire template | |
| CWA Clean Water Act - Sample Questionnaire | Environmental Risk | Questionnaire template | |
| FAA Federal Aviation Admin Sample Questionnaire - US | Compliance Risk | Questionnaire template | |
| DOT Department of Transportation - Sample Questionnaire - US | Compliance Risk | Questionnaire template | |
| IRS Internal Revenue Service - Sample Questionnaire - US | Compliance Risk | Questionnaire template | |
| Operational Resiliency - Sample Questionnaire | Resiliency Risk | Questionnaire template | |
| Competition - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| Supply Chain Resiliency - Sample Questionnaire | Resiliency Risk | Questionnaire template | |
| 12CFR Part 1016 Privacy -Sample Questionnaire | Privacy Risk | Questionnaire template | |
| GLBA Gramm-Leach-Bliley Act - Sample Questionnaire - US | Privacy Risk | Questionnaire template | |
| RBI Reserve Bank of India - Sample Questionnaire - India | Financial Risk | Questionnaire template | |
| Medical Billing - Sample Questionnaire | Compliance Risk | Questionnaire template | |
| MiFID II Markets in Financial Instruments Directive II - Sample Questionnaire - EU | Financial Risk | Questionnaire template | |
| PSD2 Payment - Sample Questionnaire -EU | Compliance Risk | Questionnaire template | |
| Conflict Minerals - Sample Questionnaire | Reputational Risk | Questionnaire template | |
| Hi-Trust Health Info Trust Alliance - Sample Questionnaire | Security Risk | Questionnaire template | |
| Bribery Act 2010 - Sample Questionnaire | Anti-Bribery and Corruption Risk | Questionnaire template | |
| CPRA California Privacy Rights Act - Sample Questionnaire | Privacy Risk | Questionnaire template | |
| CIS Critical Security Controls - Sample Questionnaire | Security Risk | Questionnaire template | |
| Cyber Essentials - Sample Questionnaire | Security Risk | Questionnaire template | |
| MAS Monetary Authority of Singapore BCM - Sample Ques. - Singapore | Business Continuity Risk | Questionnaire template | |
| PDPA Personal Data Protection Act - Sample Ques. - Singapore | Compliance Risk | Questionnaire template | |
| CSA Cyber Security Agency of Singapore - Sample Ques.- Singapore | Security Risk | Questionnaire template | |
| Sustainable Singapore Blueprint - Sample Ques - Singapore | Environmental Risk | Questionnaire template | |
| Strategic Goods (Control) Act - Sample Ques. - Singapore | Business Continuity Risk | Questionnaire template | |
| Workplace Safety and Health Act WSHA - Sample Ques. - Singapore | Compliance Risk | Questionnaire template | |
| Singapore's anti-corruption and bribery regulations - Sample Ques. - Singapore | Anti-Bribery and Corruption Risk | Questionnaire template | |
| TradeFirst - Sample Questionnaire - Singapore | Business Continuity Risk | Questionnaire template | |
| EU-OSHA - Sample Ques. - EU | Compliance Risk | Questionnaire template | |
| Element Product Risk - Sample | Questionnaire template | ||
| Element Facility Risk - Sample | Questionnaire template | ||
| Element Facility Datacenter Risk - Sample | Questionnaire template | ||
| Element Beneficial Owner Risk - Sample | Questionnaire template | ||
| Element - Product Info. Collection- Sample | Third-party element collection | Questionnaire template | |
| Element - Facility General Info. Collection- Sample | Third-party element collection | Questionnaire template | |
| Element - Facility Datacenter Info. Collection- Sample | Third-party element collection | Questionnaire template | |
| Element - Beneficial Owner Info. Collection- Sample | Third-party element collection | Questionnaire template | |
| Gen AI - Sample Questionnaire | Questionnaire template |