The Vendor Risk Management (VRM) review process helps align potential vendors with security control objectives outlined by the Dartmouth Information Security Committee (DISC). All vendors that work with Dartmouth must align with these objectives. During this review, the Information Security team will assess the risks associated with a vendor and how Dartmouth can best mitigate these risks.
You can submit a VRM review request by clicking on the button on the right or sending an email to Information.Security@dartmouth.edu. Please include as much information as possible, including the following:
- Whether Procurement Services has been involved in acquiring the technology, and which contact from Procurement Services you have been working with
- A full description of the information technology service, hardware, or software you are hoping to acquire
- An overview of the Dartmouth data that will be involved, including a detailed description of the data, along with how the data will be stored, processed, or transmitted.