Questionnaires

Represent your organization’s unique security program in VISO TRUST.

With full control to design assessments around your individualized compliance and risk priorities, questionnaires make it easy to shape a security program as dynamic and specialized as your organization itself.

Creating and Managing Questionnaires

Organization-Level Questionnaire Management

1. Navigate to Settings > Questionnaires

   

2. Create a questionnaire using one of two options:
   1. Import using the provided template.
   2. Add questions individually.

1. Name your questionnaire.
   We recommend choosing a descriptive name. This will be visible to your vendors during an assessment.
2. (Optional) Enable for every relationship.
   You can choose to apply the questionnaire across all relationships. This default can be changed at the relationship-level.
3. Configure Response Method
   When creating or editing a questionnaire, you can now choose how responses are collected — either automatically by Artifact Intelligence (AI) or directly from the vendor.
   1. Answer with AI
      When this option is selected, Artifact Intelligence will attempt to answer questions automatically using available documentation and vendor artifacts.
      • This approach accelerates the assessment process and reduces manual effort.
      • You can still follow up with the vendor if clarification is needed.
   2. Require Vendor Response
      When this option is selected, the questions will be sent to the vendor during interactive assessments.
      • What the vendor sees: In collection, the vendor will be asked to answer the list of questions directly.
      • How results are delivered: In Risk Analysis, the questionnaire appears as a new risk dimension alongside your existing dimensions. Responses are displayed there and preserved as an artifact in the Artifacts table.
      Important Note: You can still require a one-off questionnaire response when starting a new collection request by selecting the option in Start Assessment Options.

Relationship-Level Questionnaire Management

To adjust questionnaires for a specific vendor:

1. Open the vendor’s Relationship Details Page and navigate to the Relationship Context section.
2. In Questionnaires, click Edit to toggle questionnaires for inclusion.
   1. You are also able to restore organizational defaults. 

   

Viewing responses

1. When enabled for a relationship, questionnaires are included in the scope of assessments.
2. Review responses in the Risk Analysis tab of the Relationship Details Page. 
   1. You can download the responses as a .csv

   

Frequently Asked Questions (FAQ)

How can I make sure a vendor responds directly to the questionnaire?

• Questionnaires can either be answered by AI first using provided artifacts, or be sent directly to the vendor for manual response. From the questionnaire management page, set the response type to determine the default setting for this. Additionally, you can get vendor responses by:
  • Answering with AI first, then sending a follow-up questionnaire scoped to the unanswered questions.
  • Require manual response from the vendor. This will send the questionnaire in the initial collection request without having to wait for artifacts to be validated. Learn more about configuring collection requests

Do questionnaires impact risk scores?

• No, questionnaires do not affect the inherent or residual risk score for a relationship.

Are responses to these questions validated?

• No, question responses are not validated by our audit team.

Is there a limit to how many questions can be added?

• Your question count maximum is based on your license. You can view your organization’s limit on the Questionnaire Management page or while creating a questionnaire. For more information, contact sales@visotrust.com.

What happens if I delete a questionnaire?

• Deleting a questionnaire removes it from future assessments but keeps all previously submitted responses intact.