How to use this worksheet
Use this before sending a questionnaire response to a customer, prime contractor, insurer, or supplier portal. Keep answers factual. If a question affects a contract, legal duty, official program submission, or customer representation, verify it before relying on it.
1Identify the source
- Who sent the questionnaire?
- Is it tied to a contract, renewal, insurance policy, or informal vendor review?
- Are there instructions or definitions?
- Is there a deadline?
2Separate question types
- General security practice
- Formal compliance claim
- Contract clause
- Insurance representation
- CMMC/NIST/CUI/FCI question
- Canadian program or protected-information question
3Gather support
- Ask IT for technical facts
- Ask management for policy facts
- Ask legal or contract support for commitment language
- Ask the customer for clarification if wording is unclear
4Final review
- Do answers match evidence?
- Are uncertain answers marked for follow-up?
- Has someone approved the response?
- Was a copy saved with the date and source?
Suggested output
After completing this worksheet, create a dated internal note listing open questions, documents to verify, people to involve, and decisions that should not be made without qualified review.
Official sources to verify
Use these official sources for current requirements. This page is educational and may not reflect every contract-specific detail.