What you'll accomplish
By the end of this guide, you'll be able to run vendor questionnaire responses through Claude and get structured assessments in 20–30 minutes per vendor instead of 2 hours. You'll cover your entire third-party vendor backlog faster and produce more consistent assessments across your portfolio.
What you'll need
How-To Guide: Vendor Risk Assessment with Claude
Before assessing your first vendor, define how you want Claude to score. Write a "framework prompt" you'll reuse for every vendor. Here's a starting template:
You are a third-party risk analyst. I will upload a vendor questionnaire response. Assess the vendor's risk posture across these control domains, scoring each 1-5 (1=significant gaps, 5=strong controls):
- Data security and encryption
- Access controls and identity management
- Incident response and notification
- Business continuity / disaster recovery
- Compliance certifications (SOC 2, ISO 27001, etc.)
- Fourth-party/subcontractor risk
Output:
1. Overall risk rating: Critical/High/Medium/Low
2. Domain scores table
3. Key strengths (2-3 bullets)
4. Critical gaps requiring remediation (if any)
5. 3 follow-up questions to ask this vendor
6. Recommended due diligence actions before contract/renewal
Save this prompt in a text file — you'll paste it before every vendor assessment.
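Because the saved prompt fixes the six domains, the 1-5 scale and the four ratings, each response can be checked for completeness before it is filed. The script below is an added example, not part of the original guide. The function names and the response layout it expects (an "Overall risk rating:" line and a Markdown pipe table of domain and score) are assumptions, and the sample response is constructed.

```python
import re

# Domains and ratings copied from the framework prompt above.
DOMAINS = ["Data security and encryption", "Access controls and identity management",
           "Incident response and notification", "Business continuity / disaster recovery",
           "Compliance certifications", "Fourth-party/subcontractor risk"]
RATINGS = {"Critical", "High", "Medium", "Low"}

def _norm(s):  # compare on letters only, so bolding and punctuation do not matter
    return re.sub(r"[^a-z]", "", s.lower())

def check_assessment(text):
    """Return (rating, scores, problems) for one response. Assumed layout: a line
    'Overall risk rating: X' and a Markdown pipe table with rows '| domain | score |'."""
    problems, scores = [], {}
    m = re.search(r"overall risk rating\W*([A-Za-z]+)", text, re.I)
    rating = m.group(1).capitalize() if m else None
    if rating not in RATINGS:
        problems.append(f"overall rating missing or not one of {sorted(RATINGS)}")
        rating = None
    for line in text.splitlines():
        cells = [c.strip(" *") for c in line.strip().strip("|").split("|")]
        domain = next((d for d in DOMAINS
                       if len(cells) >= 2 and _norm(cells[0]).startswith(_norm(d))), None)
        if domain is None:
            continue  # header, separator or prose line
        if domain in scores:
            problems.append(f"{domain}: scored more than once")
            continue
        sm = re.fullmatch(r"(\d+)(?:\s*/\s*5)?", cells[1])
        ok = bool(sm) and 1 <= int(sm.group(1)) <= 5
        scores[domain] = int(sm.group(1)) if ok else None  # None = row present but unusable
        if not ok:
            problems.append(f"{domain}: score {cells[1]!r} is not an integer 1-5")
    problems += [f"{d}: no score row found" for d in DOMAINS if d not in scores]
    return rating, scores, problems

# Constructed sample response (not real vendor data): one score out of range, one domain missing.
SAMPLE = """Overall risk rating: Medium
| Domain | Score |
|---|---|
| Data security and encryption | 4 |
| Access controls and identity management | 3/5 |
| Incident response and notification | 7 |
| Business continuity / disaster recovery | 2 |
| Compliance certifications (SOC 2, ISO 27001, etc.) | 5 |
"""
if __name__ == "__main__":
    print(*check_assessment(SAMPLE), sep="\n")
```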