Google has published an interactive questionnaire that companies can use to assess the security practices of their suppliers or to review and improve their own security programs.
The Vendor Security Assessment Questionnaire (VSAQ) is a Web-based application and was released under an open-source license on GitHub. It contains a collection of questionnaires that Google itself uses to review multiple aspects of a vendor’s security.