Qualys, a provider of cloud security and compliance solutions, announced the availability of customizable questionnaires in its QualysGuard Cloud Platform and suite of integrated solutions for security and compliance.

Companies can use the new Questionnaire solution to centralize and automate the vendor risk assessment process, reducing time and increasing efficiency. It also helps companies ensure that their service providers and IT suppliers do not disrupt or hurt business performance.

The new service provides:

Questionnaire responder interface that offers  subject matter experts, an easy-to-use set of tools to quickly and efficiently assign and complete questionnaires, including evidence attachment by drag and drop, and quick delegation of questions, sections, or even entire questionnaires.

Visual Questionnaire designer, which provides analysts an intuitive user interface to visually design questionnaire and define requirements for evidence, comments or asset attachment.

Assessment workflow that includes the ability to automatically send assignments or reminder emails to questionnaire respondents, track progress and quickly identify non-active assessments.

Dashboards and reports providing insight into progress, compliance and risk posture for a single assessment or across a defined set of assessments.

Integrated library of 500+ regulations, standards, guidelines and best practices via the leverage of the Unified Compliance Framework, and the ability to automatically build a single questionnaire encompassing multiple regulations or standards such as the one provided by Shared Assessment program: SIG and AUP.  

QualysGuard's new customizable questionnaire service streamlines vendor risk programs by providing a centralized, secure and easy-to-deploy solution for vendor classification assessment, risk assessment and the approval of vendors based on their respective criticality.

QualysGuard Questionnaire simplifies each of these steps by providing an efficient way to:

Classify vendors by identifying the type of information shared with the vendors, such as Personal Identifiable Information (PII), Protected Health Information (PHI) and credit card information;

Assess the vendor risk by launching tailored assessments based on the vendor criticality; and

Track progress to reject or approve vendors, allowing customers to better manage their vendor security programs by making it transparent, consistent, accountable and repeatable, while proving compliance across multiple regulations or standards.