https://www.navex.com/en-us/platform/manage-third-party-risk/simplified-vendor-risk-management/