Vendor Risk Assessment (VRA)
Information Security Governance and Risk Control