Ask someone who responds to security questionnaires how many questions they see, and they’ll casually reveal a number that’s somewhere in the realm of well over a thousand questions. Any vendor offering a SaaS solution will face the Standardized Information Gathering (SIG) questionnaire at some point. Depending on the version of the SIG, it typically clocks in around a few hundred questions.
Today 97% of organizations use cloud services, according to McAfee’s Practical Guidance and the State of Cloud Security Report. With that widespread adoption comes more security questionnaires for SaaS vendors to respond to.
We speak from personal experience, because we are a SaaS vendor who has been in your shoes. We too must respond to security questionnaires constantly. In our world, a smaller security assessment will usually contain 250 questions, a mid-sized questionnaire will have 650, and the largest assessments have about 2500 questions.
The advantage for us—and for our clients—is that we leverage RFP software to overcome inefficiencies. Everyday we talk to organizations who struggle with a manual RFP response process when they can greatly improve productivity with an automated solution.
This month we released an exciting new feature that allows you to import Standardized Information Gathering (SIG) questionnaires with one click. Here is some information about RFPIO’s SIG template import and how it will solve inefficiencies to help you win back time.
The First Critical Step in Every RFP Project is the Import
A SIG is a massive security and compliance questionnaire—figuring out where to begin can be an overwhelming task. When using RFP software, importing is the first and arguably most critical step, because it sets the tone for the entire project. If the import causes any friction, teams will spend time they don’t have to spare.
With intelligent RFP technology, an import is actually a time-savings opportunity for teams. That even applies to spreadsheets with thousands of questions. Based on your personal history with large scale vendor assessments, it’s likely difficult to imagine importing such a sizable spreadsheet into your RFP response automation solution quickly.
After enduring our own inefficiencies over the years, we found a way to load the information in one click with the SIG template import. Long days in the office spent responding to our most recent SIG pushed us over the edge, and inspired us to do something about it.
How the Security Questionnaire Template Solves Inefficiencies
A SIG is a very macro-heavy Excel, and traditionally it’s been a challenge to bring it into any automated RFP response solution. Excel macros are built into how the dependent questions come up and how the completion metric is calculated. Because you’re working with a standard template, you as the responder must answer the same questions repeatedly.
In other cases, standard questions might be seen as a good thing—but not with a Standardized Information Gathering Questionnaire. These security assessments are clearly exhausting for anyone tackling thousands of questions. No other RFP automation solution is currently in place that can solve this SIG situation, and that leaves you searching for alternatives that are less than desirable.
One option is to hire interns as users to do a comparison and transpose the answers. Another option is to submit a previous version of a SIG that you responded to, and see if the issuer will accept it. However, typically issuers add their own questions, and you might lose the deal because your responses aren’t up to snuff.
Recently I spent a week and a half with a SIG questionnaire. While flying to San Francisco for a conference, I was working on this SIG the entire time I was traveling—on the plane, in the car—racing to meet the deadline. Finally, I said: “Macro or not…we’ve got to fix this thing.” So, we did.
As you respond to a SIG questionnaire, RFPIO understands how the macro is programmed and works with your selection process. If you answer “yes,” it knows the dependencies and presents those 150 or so questions to you. If you answer “no,” it knows not to show irrelevant questions.
RFPIO goes through the SIG questionnaire on its own, to learn which questions need to come after which answers. RFPIO helps you take control of the most complex security assessments, because the technology is able to handle multiple levels of dependencies and then translate and automate that for you. The key is then being able to export your responses back into the original format, so you’re not having to do any work when you’re done in the application.
“Completing security questionnaires used to be an extremely time-consuming process for our team. RFPIO offers a one-click SIG template import, in addition to auto-response and bulk answering features that promote speed and accuracy. What used to take days—or even weeks—now only takes us a couple of hours.” – Mandana Salehi, Director of Sales at Zapproved
Standardized Information Gathering Questionnaires in One Click
Now for the moment you’ve been waiting for…Standardized Information Gathering questionnaires can be imported into RFPIO with a single click. You upload the appropriate template (CAIQ, SIG – Core, SIG – Full, or SIG – Lite). You can import directly from your local computer or cloud storage, such as: Google Drive, Dropbox, OneDrive, or Box.
From here, you can move on with your day, since the project’s primary contact receives an email notification once the import process is completed. Meanwhile, RFPIO configures questions, sections, and subsections on your behalf. Once the import is finished, it’s time for you to jump back into the project to review questions and sections.
This is where auto-response works its magic to populate your SIG questionnaire with the most relevant matches from your answer library. The standardized nature of these questionnaires makes this response process very efficient through automation. You then customize as needed to ensure accuracy, or to add any necessary flourishes to wow that particular issuer.
Last, but certainly not least, you export everything back into the template of your choosing and send off to the issuer. Overall, less time will be spent on sizable vendor assessments so you can focus on other priorities.
There really is no need to dread the next massive SIG questionnaire that comes your way. With RFPIO’s SIG template import, you and your team can use speed and accuracy to compete thousands of questions to land the deal.
Ready to take our SIG template out for a spin? Schedule a demo to win back time.