此内容尚未提供您的语言版本,正在以英文显示。

Vendor Due Diligence Patrick Munro

插件活跃

Framework for assessing IT vendors with structured risk assessments and regulatory checklists (GDPR, DORA, NIS2, SOX)

目的

To provide a structured and comprehensive framework for evaluating IT vendors and third-party partners, ensuring compliance and mitigating risks.

功能

Structured risk assessments for IT vendors
Multi-dimensional evaluation (financial, operational, compliance, security, reputational)
Integrated regulatory checklists (GDPR, DORA, NIS2, SOX)
Three-phase assessment process
Vendor risk scoring and comparison

使用场景

Evaluating new vendors and technology providers
Conducting third-party risk assessments for procurement
Performing critical vendor due diligence for regulatory compliance
Establishing ongoing vendor monitoring processes

非目标

Providing legal, financial, or specific technical advice
Replacing professional due diligence services
Automating vendor selection without expert oversight

License

warning:License usabilityThe bundled LICENSE.txt is the GNU Affero General Public License v3.0, which is a strong copyleft license. While permissive for personal use and modification, its network interaction clauses may pose challenges for some commercial distribution scenarios without careful consideration.

Compliance

info:GDPRThe skill references GDPR as a regulatory checklist but does not directly process personal data itself, though it advises users to consult professionals for compliance.

安装

请先添加 Marketplace

/plugin marketplace add lawvable/awesome-legal-skills

/plugin install vendor-due-diligence-patrick-munro@lawvable

包含 1 个扩展

Skill (1)

Vendor Due Diligence Patrick Munro 技能

Framework for assessing IT service providers, technology vendors, and third-party partners. Creates structured risk assessments across financial, operational, compliance, security, and reputational dimensions with regulatory checklists (GDPR, DORA, NIS2, SOX). Use when: (1) Evaluating new vendors or technology providers, (2) Conducting third-party risk assessments for procurement, (3) Performing critical vendor due diligence for regulatory compliance, (4) Creating vendor onboarding documentation, (5) Establishing ongoing vendor monitoring processes, (6) Assessing vendor concentration risk, or (7) Generating executive-level vendor risk reports.

质量评分

87 /100

1 day ago 分析

信任信号

最近提交2 months ago

GitHub 所有者 lawvable

星标349

许可证NOASSERTION

网站lawvable.com

状态

查看源代码

类似扩展

Legal Risk Assessment Anthropic

Assess and classify legal risks using a severity-by-likelihood framework with escalation criteria

插件

lawvable

Review Agent Governance

Require a human approval signal before an AI agent can post PR reviews, comments, merges, or writes to CI config. Cedar-gated, receipt-signed, designed for the Hermes-style failure mode where a review bot posts without oversight.

插件

wshobson

Accessibility Compliance

WCAG accessibility auditing, compliance validation, UI testing for screen readers, keyboard navigation, and inclusive design

插件

wshobson

Meeting Briefing Anthropic

Prepare structured briefings for meetings with legal relevance and track resulting action items

插件

lawvable

Security Compliance

SOC2, HIPAA, and GDPR compliance validation, secrets scanning, compliance checklists, and regulatory documentation

插件

wshobson

Ra Qm Skills

14 regulatory affairs & quality management skills for HealthTech/MedTech: ISO 13485 QMS, MDR 2017/745, FDA 510(k)/PMA, GDPR/DSGVO, ISO 27001 ISMS, SOC 2, CAPA management, risk management, clinical evaluation, and more. Agent skill and plugin for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw.

插件

alirezarezvani