DEMO

You’re viewing AuditPilot with seeded data for Cedar Creek Family Medicine. Add Clerk + Neon environment variables to enable real multi-tenant data.

Vendor & Third-Party Management · AP-VM-002

Vendor risk assessed before onboarding

Before introducing a new vendor that touches PHI or critical systems, document a risk assessment.

PassingMedium

Remediation guidance

Fill out the AuditPilot vendor risk questionnaire before each new vendor goes live.

Status

Last checked6 hours ago

Next check dueApr 26, 2026

Weight8

Severitymedium

Framework requirements satisfied

HIPAA

§164.308(a)(1)(ii)(A)

Risk Analysis

SOC 2

CC9.2

Vendor Risk

HITRUST

05.i

Identification of Risks Related to External Parties

Linked evidence (0)

No evidence yet. Upload a screenshot, report, or signed document to mark this control as proven.