Vendor Self-Service Portal
How vendors complete assessments without creating an account
Overview
The Vendor Self-Service Portal allows your vendors to complete security assessments without creating an Ezy Risk account. When you send an assessment, the vendor receives a unique, secure link that gives them direct access to complete the questionnaire.
This frictionless experience leads to higher response rates and faster assessment completion.
For Assessment Creators
Create the Assessment
Go to Assessments → New Assessment. Select the vendor and choose a template.
Send the Assessment
Click "Send Assessment" - Ezy Risk automatically emails the vendor a secure link. You can also copy the link to share it manually.
Track Progress
Monitor completion status in your dashboard. You'll see when the vendor starts, how many questions are completed, and when they submit.
Receive Notification
When the vendor submits, you receive an email notification with the calculated risk score and a link to review the full assessment.
The Vendor Experience
Here's what your vendors see when completing an assessment:
Secure Link Access
Vendors click the unique link in their email. No login required - the token in the URL authenticates their access to this specific assessment only.
Answer Questions
Questions are presented section by section. Vendors can answer with Yes/No, select from options, or provide text explanations depending on question type.
Upload Evidence
For questions requiring evidence, vendors can upload supporting documents like security policies, certifications, or audit reports (PDF, DOC, images up to 10MB).
Save Progress
Answers are automatically saved as vendors complete each question. They can close the browser and return later using the same link to continue.
Submit Assessment
When complete, vendors click "Submit Assessment". They receive a confirmation and can no longer edit responses (though they can view their submissions).
Security Features
- Unique Token Links
Each assessment has a cryptographically secure, unique URL token that cannot be guessed.
- Link Expiration
Links automatically expire after the assessment due date, preventing unauthorized access.
- Read-Only After Submission
Once submitted, assessments cannot be modified, ensuring response integrity.
- Audit Trail
All vendor actions are logged with timestamps for compliance and review purposes.
- HTTPS Encryption
All data transmission is encrypted using TLS 1.3 to protect sensitive information.
Reminders & Follow-ups
Ezy Risk helps ensure vendors complete assessments on time:
- Automatic Reminders: Vendors receive email reminders 7 days and 1 day before the due date
- Manual Nudge: Click "Send Reminder" on any pending assessment to nudge the vendor
- Extend Deadline: If vendors need more time, you can extend the due date
- Overdue Alerts: Get notified when assessments pass their due date without completion
Frequently Asked Questions
Can vendors edit responses after submitting?
No, once submitted, responses are locked. If changes are needed, you can create a new assessment or contact support to reopen the assessment in special circumstances.
What if a vendor loses their link?
You can resend the assessment from your dashboard. Click on the assessment and select "Resend Link" - the vendor will receive a new email with the same access link.
Can multiple people from the vendor complete the assessment?
Yes, the link can be shared internally at the vendor organization. Anyone with the link can contribute to responses. However, there's no concurrent editing - the last saved response wins.
What file types can vendors upload?
Vendors can upload PDF, DOC, DOCX, XLS, XLSX, PNG, JPG, and GIF files. Maximum file size is 10MB per file.