# Request Documents and Questionnaires from Vendors Sprinto enables you to request documents and security questionnaires from vendors as part of your vendor risk management and compliance workflows. Using this feature, you can: * Collect compliance documents (ISO, SOC, GDPR, PCI, etc.) * Send standard or custom security questionnaires * Configure vendor communication and internal notifications * Track submissions and responses * Lock submitted evidence for audit purposes *** ### Key Behaviours and Limits * Maximum **5 files per document request item** * Custom questionnaire upload limit: **500 MB** * Vendors can delete uploaded files **before submission only** * Submission is **final and irreversible** * Submitted responses become **read-only** * OTP-based secure vendor access *** ### Use Cases

Use Case	Description
Compliance collection	Request ISO, SOC, GDPR, and PCI documents
Vendor risk assessment	Send standardised security questionnaires
Custom evaluations	Upload organisation-specific questionnaires
Audit readiness	Capture locked evidence for audits
Exception handling	Allow vendors to justify missing documents

*** ### How it Works #### Step 1: Access the Vendor 1. Log in to the **Sprinto dashboard**. 2. Go to **Data Library**. 3. Select **Vendors**. 4. Open the **All vendors** tab. 5. Click on the required vendor.

*** #### Step 2: Create a Document Request 1. Navigate to **Documents & links**. 2. Click **Request docs from vendor**.

This opens the request panel where you configure documents, questionnaires, and communication settings.

*** #### Step 3: Configure the Request **Select Documents and Questionnaires** * Choose the documents you want the vendor to upload (for example, ISO 27001 Report, GDPR DPA, PCI DSS Report). * Add security questionnaires: * Pre-built templates (SOC, ISO, PCI aligned) * Custom questionnaire (upload your own file) For each item: * Mark it as **Required** or **Optional.**

*** **Add a Custom Security Questionnaire** To upload your own questionnaire: 1. Scroll to **Custom questionnaire**. 2. Select it. 3. Upload your file using: * Drag and drop, or * Click to upload **Supported file types:** CSV, DOC, DOCX, XLS, XLSX, PDF, ZIP, MSG, JSON\ **Maximum file size:** 500 MB After uploading: * Click **View** to preview the file. * Delete the file if needed. * Mark it as **Required** or **Optional.**

*** **Configure Email and Notifications** Set up how the request is communicated. **Recipients** * Add vendor email addresses who will receive the request link. **While requesting, notify** * Add internal stakeholders to be notified when the request is sent. **During request submission, notify** * Add recipients who should be notified when the vendor submits responses. **Include recipients in submission notification** * Enable this to notify earlier recipients when the vendor submits.

*** **Customise Email Content** You can edit the email sent to the vendor: * **Subject** – Define the email subject * **Header** – Add an optional header * **Body** – Provide context, instructions, and compliance requirements Optional: * Enable **Show list of selected documents in email** to include requested items.

*** #### Step 4: Preview and Send Request 1. Click **Preview & send request**. 2. Review: * Selected documents and questionnaires * Email recipients and content 3. Click **Send request**.

*** #### What Happens Next * The vendor receives a secure email link. * They verify their identity using OTP. * They: * Upload requested documents (up to 5 files per item) * Answer questionnaires or upload responses * Mark documents as unavailable (with justification, if needed) * They submit the request. *** ### Manage and Edit Requests You can manage an existing request after it has been sent to vendors. 1. Go to **Documents & links**. 2. Open the **Requests** view.

3. Select the required request to open the **Request details** drawer. From here, you can manage the request lifecycle.

*** #### Edit an Existing Request You can modify a request after sending it. 1. Click **Edit** next to **Documents requested**. 2. Available actions include: * Add or remove requested documents * Add or remove security questionnaires * Upload or update a custom questionnaire * Change document/questionnaire requirement status * Update request configuration 3. Click **Update request** once you have made the required changes.

4. In the pop-up the opens, review the changes. 5. Click Confirm to update your request.

{% hint style="warning" %} #### Important Documents or questionnaires that have already been uploaded or answered by the vendor cannot be removed or recalled. These appear under **Uploaded / answered (cannot be recalled)**. {% endhint %} *** #### Add More Vendor Email Addresses You can include additional vendor recipients after a request has been created. 1. Open the request details drawer. 2. Under **Request sent to**, click **Add email address**.

3. Enter the additional vendor contact. 4. Click **Edit** if you wish to edit the email subject and message.

3. Click **Preview and send request** to preview your changes. 4. Review your changes and click **Send invite**.

The newly added recipient receives access to the same request. *** #### Send Reminder Emails You can manually remind vendors to complete pending requests. 1. Open the request details drawer. 2. Under **Request sent to**, click **Remind all**.

3. Sprinto sends reminder notifications to all recipients associated with the request. 4. Sent reminders are tracked under **Reminders sent**. *** #### Recall a Request You can recall an active request if it is no longer needed. 1. Open the request details drawer. 2. Scroll to **Recall request**. 3. Click **Recall**.

4. In the pop-up that opens, click **Recall**. After recall: * Vendors lose access to the request. * No additional uploads or submissions are allowed. * The request status changes to **Recalled.** *** #### Revoke Access for Individual Recipients You can revoke access for specific vendor contacts without recalling the full request. 1. Open the request details drawer. 2. Under **Request sent to**, locate the recipient. 3. Click **Revoke access**.

4. Click **Revoke** to confirm the action. Once revoked: * The recipient can no longer access the request * Other recipients retain access *** #### Track Request Activity The request details drawer also provides visibility into: * Requested documents and questionnaires * Submission status * Recipient list * Reminder history * Request ownership and timestamps This helps monitor vendor engagement throughout the request lifecycle. *** ### Post-Submission Behaviour After the vendor submits: * Submitted items appear under **Uploaded / answered (cannot be recalled)** * These items: * Cannot be edited * Cannot be deleted * Are stored as audit evidence * Questionnaires change from **Start answering** to **View responses** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/data-library/vendors/dashboard-actions/request-documents-and-questionnaires-from-vendors.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.