Skip to content
2020 H-ISAC Third-Party Risk Solution Survey
Demographic Information
Thank you for your assistance. The H-ISAC Member Survey will be used to help us to better understand our members and their unique environments.
*
1.
Member Organization
Please indicate the name of the member organization for which you work.
If the response to this question is not a valid member organization, the survey responses will not be used.
(Required.)
*
2.
What membership tier is your company?
(Required.)
Tier 1: < $100MM in Revenue
Tier 2: $100MM < Revenue < $1B
Tier 3: $1B < Revenue < $5B
Tier 4: $5B < Revenue < $10B
Tier 5: $10B < Revenue < $15B
Tier 6: $15B < Revenue < $20B
Tier 7: Revenue > $20B
Tier 8: Academia
Other (please specify)
*
3.
Type of Organization
Please select the type of your organization.
(Required.)
Healthcare provider
Payer
Pharmaceuticals
Medical device/diagnosis
Biotechnology
Healthcare IT
Other (please specify)
4.
Do you have a third-party risk management plan?
Yes
No
In the planning process
I don't know, it is not my responsibility
5.
How many organizations fall under your third-party risk program?
less than 1,000
1,000 - 9,999
10,000 - 49,999
50,000 - 99,999
100,000+
6.
Do you use a third-party risk scoring solution? (select all that apply)
No
Risk Recon
Security Scorecard
BitSight
Other (please specify)
7.
Approximately what percentage of your third-parties do you track risk scores?
less than 15%
15-24%
25-49%
50 - 74%
75% or more
8.
How do you manage third-party risk questionnaires?
We do not use questionnaires
Manually with spreadsheets
We outsource the entire process
We use the H-ISAC Prevalent solution
We use Prevalent, but not through H-ISAC
We use another vendor (please specify)
9.
Approximately how many of your vendors are required to complete questionnaires? (total, not annually)
less than 100
100 - 499
500 - 999
1,000 - 4,999
5,000+
N/A
10.
Do you use the H-ISAC questionnaire? Why or why not?
11.
What other third-party risk services or solutions do you use?
12.
What other third-party risk services or solutions should H-ISAC consider offering?
13.
Name (Optional)
If you would like the H-ISAC to be able to follow up with you if there are questions about your responses, please provide your name and email address.
Name
Email Address
