Solve the NDA Pain During Your Next Security Review: Whistic Security Profile Update

October 30, 2018

If you keep up with Whistic, you know that there are two key challenges that our intuitive vendor assessment platform addresses: 1) assessing the risk of your third-party vendors; and 2) proactively responding to security questionnaires using a Whistic Security Profile™. In this post we’re going to explore one of the features of the Security Profile that makes proactively responding to questionnaires so powerful.

Many Infosec teams simply waste too much time answering the same security questions over and over again. These are the custom security questionnaires your team shouldn’t dedicate hours responding to, but that you need to respond to because they come from new prospects, existing customers, or potential partners. Forward-thinking companies are adopting a more proactive approach that goes beyond the knowledge base for responding to custom questions more quickly, and these companies are finding ways to gain more leverage during their security reviews.

Introducing Our Newest Feature: Custom NDA Capabilities

Our product team spends a significant amount of time fine-tuning Whistic’s Security Profile in response to customer feedback. It’s such a critical part of the vendor assessment process that any update we make to it can save time, eliminate wasted effort, or generate more sales revenue — and in some cases, all three. Our most recent update to the Whistic’s Security Profile circles all three benefits.

We’re excited to announce that within Whistic, your team now has the ability to upload your company’s custom non disclosure agreement (NDA) while also capturing a click-through agreement to the NDA before granting access to your security profile information.

Why Does The Feature Matter?

The NDA process is a major headache for sales, legal, and security teams as they try and facilitate sharing of their documents and questionnaires. We hear many complaints about the pain of tracking NDAs down and how it slows the process. A security review is so much more than just responding to a set of questions — it also involves a legal process of determining who should be able to access your information, and under what contractual conditions. That’s why we built it right into Whistic’s Security Profile sharing workflow. The best part? Once your custom NDA has been uploaded, any of your customers that has been granted permission to view your Security Profile will be required to accept the terms of your NDA before viewing your information. And whenever an NDA is sent, it’s automatically tracked in Whistic so that your admin team can see exactly who engages with it, accepts (or doesn’t), and when.

When Can I Start Using The Custom NDA Feature?

It is already available! Speak with your Customer Success Manager today to learn if this feature is available in your current package.

Ready to Learn More?

Check out our resources below for more third party vendor best practices and insights on how your organization can effectively approach security assessments.


Why Third Party Security is Critically Important

Request a Live Demo with a Whistic Product Specialist

information security vendor risk management whistic security questionnaires whistic security profile

About the author


The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.