What the vendor can reach
Systems, data types, user roles, admin privileges, integrations, shared accounts, remote access, and customer-facing dependencies.
Vendor Review
AgileCT helps leadership decide whether a software tool, IT provider, processor, or outsourced service has enough proof to be approved, renewed, or escalated.
What We Review
Systems, data types, user roles, admin privileges, integrations, shared accounts, remote access, and customer-facing dependencies.
Security summaries, audit reports, insurance, privacy terms, breach process, downstream providers, backup posture, and incident notification commitments.
Operational dependency, revenue impact, privacy exposure, contractual obligations, customer commitments, and realistic recovery options.
What Changes The Price
Final pricing depends on vendor count, data sensitivity, vendor criticality, evidence availability, renewal timing, required stakeholder interviews, and whether follow-up questions or approval conditions need tracking.
Share the vendor type, data access, renewal timing, and evidence you already have so we can size the review.
Assessment Output
Risk tier for each vendor based on access, data sensitivity, dependency, geography, evidence quality, and business criticality.
Questions to ask the vendor when evidence is missing, stale, vague, or inconsistent with the role they play in your environment.
Approval recommendation: proceed, proceed with conditions, require fixes, defer, or escalate for leadership review.
Follow-up tracker for owner, due date, requested proof, alternative safeguards, renewal timing, and next review date.
When It Helps
Assess a tool before it gets access to customer data, finance data, identity, email, or production systems.
Understand remote access, admin responsibility, backup support, logging, escalation, and incident notification gaps.
Review vendors that handle personal information, cross-border storage, subprocessors, or customer-facing data flows.
Compare vendors before renewal, reduce duplicate tools, and document why a high-risk vendor remains approved.
Packages
$1,500-$3,500
Assess one high-impact vendor and produce a risk summary, evidence gaps, questions, and approval recommendation.
$4,500-$9,500
Review a priority vendor set, tier risk, identify missing proof, and build a follow-up plan for owners and renewals.
Scoped
Maintain a recurring review rhythm for critical vendors, stale evidence, exceptions, renewal windows, and new third-party approvals.
Next Step