Automate Vendor Due Diligence Research with Gemini & Jina AI

This workflow contains community nodes that are only compatible with the self-hosted version of n8n.


👥 Who is this for?

This workflow is designed for a variety of professionals who manage vendor relationships and data security. It is especially beneficial for:

  • πŸ›‘οΈ GRC (Governance, Risk, and Compliance) Professionals: Streamline your risk assessment processes
  • πŸ”’ Information Security Teams: Quickly evaluate the security posture of third-party vendors
  • πŸ“‹ Procurement Departments: Enhance due diligence when onboarding new service providers
  • πŸš€ Startup Founders: Efficiently assess vendors without a dedicated security team

This tool is perfect for anyone looking to automate the manual review of vendor websites, policies, and company data. ✨

🎯 What problem is this workflow solving?

Manual vendor due diligence is a time-consuming process that can take hours for a single vendor. This workflow automates over 80% of these manual tasks, which typically include:

  • πŸ” Finding and organizing basic vendor information
  • 🏒 Researching the company's background
  • πŸ“„ Collecting links to key documents like Privacy Policies, Terms of Service, and Trust Pages
  • πŸ“– Manually reviewing each document to extract risk-relevant information
  • πŸ“Š Compiling all findings into a formatted report or spreadsheet for record-keeping

By leveraging Gemini for structured parsing and web scraping with live internet data, this workflow frees you up to focus on critical analysis and final review. ⚡

βš™οΈ What this workflow does

This end-to-end automated n8n workflow performs the following steps:

  1. πŸ“ Intake: Begins with a simple form to capture the vendor's name, the business use case, and the type of data they will handle
  2. πŸ”Ž Background Research: Gathers essential background information on the company
  3. ⚠️ Risk Analysis: Conducts comprehensive research on various risk-related topics
  4. πŸ”— URL Extraction: Finds and validates public URLs for privacy policies, security pages, and trust centers
  5. πŸ“ˆ Risk Assessment: Generates a structured risk score and a detailed assessment based on the collected content and context
  6. πŸ“€ Export: Exports the final results to a Google Sheet for easy access and record-keeping

🚀 Setup

To get started with this workflow, follow these steps:

  1. 🔑 Configure Credentials: Set up your API credentials for Gemini and Jina AI
  2. 📊 Connect Google Sheets: Authenticate your Google Sheets account and configure the Sheet where you want to store the results
  3. 🔗 Download the Google Sheet template for your assessment output from here
  4. ⚙️ (Optional) Customize Prompts: Adjust the prompts within the workflow to better suit your specific needs
  5. 🎯 (Optional) Align Risk Framework: Modify the risk questions to align with your organization's internal vendor risk framework