What are Vendors?

Vendors are the business entities who provide you a service. Vendors are important because they expose you to third-party risk: if one of your vendors is hacked, your data might be affected.


Check out Aptible's Guide to Vendor Management

We've spilled a lot of ink about Vendor Management. Check out our Security Management Guide for more information about Vendor Management best practices.


When should I use a SaaS System, and when should I use Vendors?

Vendors are companies/organizations—legal entities that you have contracts (BAAs, SLAs, DPAs, etc.) with. SaaS systems are the tools you use that store or process your data. E.g., Google the company vs. Gmail, G Suite, etc. AWS vs. your specific VPCs. Slack vs. Slack (included to point out that sometimes the company and the software are called the same thing).

How can I add a Vendor?

  • Click on the Assets tab
  • Select the Vendors tab on the left hand navigation
  • Select Add Vendor in the top right
  • Add in the Name, Owner, Description, Vendor Documents and Status. We recommend dropping a link to the location where you store agreements and important documents relating to this vendor in the "Vendor Documents" field.
  • Status Legend:
    • Active: your company is actively working with and managing that vendor
    • Inactive: your company is no longer working with that vendor.

You can also add multiple vendors at once by clicking "Add in Bulk."