WatchDog Security Help Center
    Admin Guide
    • Docs Home
    • Admin Guide
    • User Guide
    • MSP Guide
    • Getting Started
    • Create Your Free Organization
    • Domain Reservation
    • Company Management
      • Manage Branding
      • Delete Organization
    • Notification Center
      • Organization Events
      • User Events
      • Configure Notification Settings
      • User Notification Override
    • Posture Management
      • View Integrations
      • Configure Automated Integrations
      • Manage Automated Monitors
      • Configure Manual Integrations
      • Manage Manual Monitors
    • WatchDog University
      • Assigning Courses using WatchDog University
      • Auditing Course Completion
      • Downloading a Certificate of Completion
    • Policy Management
      • Create Policy
      • Publish Policy
      • Track Policy Acceptance
      • Send Policy Reminder
      • Update Policy
      • Download Policy Version
      • Delete Policy
      • Retire Policy
    • Risk Management
      • Perform A Risk Assessment
      • View and Manage Risks in Risk Register
      • Create Manual Risk
      • Edit and Manage Risk
      • Manage Risk Tasks
      • Manage Risk Lifecycle
    • Vendor Management
      • Add Vendor
      • Track Security Events
      • Manage Vendor Documents
      • Perform Vendor Assessments
      • Classify Vendor Risk
    • Inventory
      • Add Inventory Item
      • Update Inventory Item
      • Auto Populate Inventory
    • Compliance Center
      • Add Compliance Framework
      • Edit Compliance Framework
      • Assigning Control Owners
      • Pause Monitors and Documents
      • Manage Compliance Documents
      • Schedule Audit
      • Automated Monitoring
      • Cross-Framework Reuse
      • Progress Tracking
    • Trust Center
      • Customize Trust Center
      • Manage Trust Center Access
      • Monitor Access Activity (Events)
      • Custom Domain Setup
    • Vulnerabilities
      • Centralized Vulnerability Tracking
      • Import Vulnerabilities
      • Create Manual Vulnerabilities
      • Assign And Collaborate On Vulnerabilities
      • Configure Time To Remediate (TTR)
    • Control Panel
      • Manage Support Access
      • Phishing Campaigns
        • Creating an Allowlist for Phishing Simulations in Microsoft 365
        • Configure Google Workspace Allowlist for Phishing Simulations
    • User Management
      • Add Users
      • Configure Directory Sync
      • Manage User Access
      • Assign Licenses
      • Manage Invites And Users
      • Change Account Owner
      • Reset 2FA
    • Integrations

    Vendor Management

    Vendor Management allows organizations to track, assess, and monitor third-party vendors that interact with their business.
    This feature helps security teams maintain visibility into vendor risk by centralizing vendor records, security documentation, assessments, and external security events in a single location.
    It is designed to support both operational vendor tracking and compliance-driven vendor risk management processes.
    Who can use this feature?
    All Account Owners and Security Admins
    Any End Users assigned as an owner to one or more vendors
    Available on the Free, Core and Business plans

    Key Features#

    Add Vendors
    Add vendors from a predefined list or create custom vendors with key details and ownership.
    Track Security Events
    Monitor vendor-related security incidents and breaches using external data sources.
    Manage Documents
    Store and manage vendor documents such as NDAs, compliance reports, and certifications.
    Perform Assessments
    Evaluate vendor security using manual reviews, attestations, or questionnaires.
    Classify Vendor Risk
    Assign data types to vendors to determine risk level and required controls.

    Vendor Assessment Methods#

    WatchDog supports three different approaches to evaluating vendor security:
    Manual Review
    Security teams answer structured questions based on publicly available vendor information.
    Compliance Attestation Review
    Organizations review vendor-provided compliance reports such as SOC 2 or ISO 27001.
    Security Questionnaire
    Vendors complete a questionnaire that is reviewed and stored within the platform.
    Each method provides flexibility depending on vendor maturity and available documentation.

    Vendor Data & Risk Classification#

    Vendors are classified based on the type of data they access or process.
    Data types range from low-risk (public data) to high-risk (financial data, PHI, SPII).
    This classification helps determine:
    Required security controls
    Assessment depth
    Ongoing monitoring requirements
    Selecting accurate data types is critical for proper risk evaluation.

    Vendor Lifecycle#

    Vendor Management supports the full vendor lifecycle:
    Vendor onboarding and creation
    Risk classification and ownership assignment
    Security documentation collection
    Security assessment and review
    Continuous monitoring through security events
    Ongoing updates and document management
    This ensures vendors remain compliant and secure over time.

    Troubleshooting#

    Cannot Add Vendor
    If a vendor cannot be added:
    Ensure you have the Account Owner or Security Admin role
    Verify all required fields such as Name, Owner, and Accessed Data Types are completed
    For custom vendors, ensure a valid Website is provided
    Documents Not Uploading
    Security Events Not Visible
    Assessment Cannot Be Completed
    Modified at 2026-03-17 21:55:09
    Previous
    Manage Risk Lifecycle
    Next
    Add Vendor
    Built with