(1) Vendor needs to provide IT governance, risk, and compliance solution. • Process of enhancing management and governance across several technology areas IT governance, risk, and compliance, data governance, data platform, and AI Governance • Automates the process of vendor due diligence, including sending questionnaires and collecting cybersecurity documentation. • Provides real–time updates on a third party's security posture and risk level. • Offers a system to rate a vendor's security performance, allowing to identify and address vulnerabilities proactively. • Creates a single, centralized location for all vendor risk information, including compliance status and assessment results. • Helps Automated workflows: Automates the process of vendor due diligence, including sending questionnaires and collecting cybersecurity documentation. • Implements controls, such as contract clauses, security requirements, or even disqualifying a vendor, to address identified risks. • Centralized data management: Creates a single, centralized location for all vendor risk information, including compliance status and assessment results. (2) All the questions must be submitted no later than February 17, 2026.