Vendor due diligence differs from due diligence on prospective and/or current donors, in that
typically prospect development professionals will not receive regular requests for vendor due diligence. Rather,
vendor due diligence is necessary on the buy-side of any relationship with a vendor, not only prior to purchase
but also after said purchase, as vendors change over time – either through acquisition and mergers or
through further development of their products and features. This toolkit is designed to help prospect
development professionals understand their role in vendor due diligence and is meant to offer best practices and
to augment any institutional policy regarding vendor engagement and procurement. If your organization does not
already have vendor due diligence policies and procedures in place, this toolkit will help you formulate your
own. Additionally, if your organization already has vendor due diligence policies and procedures in place, this
toolkit could suggest some improvements to your current policy and/or your current due diligence
What is Vendor Due Diligence
Prospect development professionals are tasked with mitigating risk to their nonprofit organization through a variety of activities. While typically these activities are aimed directly at prospective donors, prospect development professionals’ skills can also be employed for vendor due diligence processes. Vendor due diligence in this context is the analysis of available data to evaluate the risks of entering into an agreement or partnership with a prospective vendor or continuing an existing relationship with a current vendor. As vendors’ offerings change over time and vendors’ terms and conditions of service can update frequently over time, vendor due diligence should be conducted on a regular schedule. Prospect development professionals, as users of data products and software-as-a-service products, are uniquely positioned to perform vendor due diligence in that prospect development professionals understand the importance and confidentiality of an organization’s data as well as how that internal data can be enriched with external data and through available analytics and reporting platforms.
Vendor due diligence is the specific information analysis through the lens of ethical, legal, security, and privacy concerns the prospective or current vendor presents, either through former, current, or anticipated actions or those of connected persons. These concerns can range from criminal and legal issues to questionable sources of product development, such as with a data vendor the supply chain that vendor took to acquire that data to present such as a product offering. While prospect development professionals may not be the final decision makers, prospect development professionals may make recommendations regarding whether to move forward with a prospective or current vendor.