Vendor Due Diligence

A clear picture of cybersecurity risks in your supplier relationships — and the contractual protections to manage them.

Who this is for

Organisations reviewing security of critical suppliers

Businesses required to assess supply chain security under NIS2

Companies entering new relationships with suppliers handling sensitive data

Organisations responding to customer security questionnaires about their supply chain

What We Do

What this service covers

Practical, tailored advice for your situation.

Supplier security assessment

Review of supplier practices against your requirements.

Contractual security requirements

Minimum standards for inclusion in supplier contracts.

Supplier contract review

Review of existing contracts for security provisions.

Supply chain risk register

Documentation of supply chain risks and mitigations.

Ongoing monitoring framework

A process for ongoing supplier security review.

Why Sammut Legal

NIS2 Article 21 requires organisations to address supply chain security. Many have limited visibility of critical supplier security practices.

Sammut Legal helps organisations understand supply chain obligations and build frameworks to manage supplier risk.

What to expect

Free consultation

We discuss your supplier landscape and key risks.

Scope agreement

We agree which suppliers to prioritise.

Contractual review

We review existing supplier contracts.

Gap assessment

We identify gaps and recommend improvements.

Template development

Standard supplier security requirements for new contracts.

Free Consultation

We offer a free initial consultation — no commitment, no invoice. Just a direct conversation about your situation.

Typically responds within one business day.