What everyone’s missing when tackling security questionnaires
I’ve spent countless hours talking with CISOs and sales managers across every industry, learning about their challenges with compliance processes.
From all of these conversations, I can tell you that there are some points that everyone seems to miss—and that end up costing both resources and potential sales.
Remember, the questionnaire is not just a formality.
Your potential client wants to know if you’re (A) trustworthy and responsive, and (B) if you know what you’re talking about when it comes to the safety of your company and product.
So first things first: Accurate and complete information is key.
For all the sales reps out there desperately trying to cross these tedious assessments off their to-do lists, keep in mind that every follow-up question adds ON AVERAGE four days to the sales cycle.
Number 2: Relevance.
Someone on the other side of this deal will read the questionnaire once you send it back. You don’t want to bother them with facts that have nothing to do with their questions.
It can be very tempting to answer a question in a general way, which is technically correct but lacking in details. If a client asks you, for example, if you have certain security protocols in place, answering “Yes” isn’t enough. Responding “We implement the above protocols in the following way…” is an answer a client can smile about 😉
Number 4: Up-to-date.
This means coordination between sales, the compliance team, and the security people. If key security features change, make sure everyone who needs to know actually does. If you have the same answers on reserve without ensuring they’re up-to-date, that’s an embarrassment waiting to happen.
Last but not least: Consistency.
This means providing consistent answers across all sections of the questionnaire. If there are overlapping questions in a questionnaire (and I assure you there will be), it’s vital that there are no discrepancies between them. Even if all the answers are correct on their own, the fact that different answers are given on the same topics will set off a red flag in the client’s mind.
So there you have it. The five pro tips everyone seems to be missing when it comes to tackling security questionnaires.
Remember, questionnaires, as annoying as they can be, are an important opportunity to show the client your expertise, professionalism, and ability to address their concerns. Keeping the questionnaires sharp and on point is one of your biggest assets.