A security questionnaire is a structured set of questions an enterprise buyer sends a vendor to assess the vendor's security and compliance posture before purchasing. It covers areas like access control, encryption, incident response, and certifications. Completing it is a standard gate in the B2B sales and procurement process.
Common formats include the SIG (Standardized Information Gathering) questionnaire and the CAIQ (Consensus Assessments Initiative Questionnaire). Questionnaires arrive late in the deal and can stall it for weeks if a vendor scrambles to answer from scratch.
A current SOC 2 or ISO 27001 report short-circuits much of the questionnaire, since buyers accept the attestation in place of many individual answers. A maintained answer library and a named security owner turn a multi-week fire drill into a same-week turnaround.
traztech delivers security questionnaire response and vendor reviews for startups and growth-stage companies, led by a published CVE researcher.