Automate Vendor Due Diligence Research with Gemini & Jina AI

Description

This workflow contains community nodes that are only compatible with the self-hosted version of n8n.

👥 Who is this for?

This workflow is designed for a variety of professionals who manage vendor relationships and data security. It is especially beneficial for:

🛡️ GRC (Governance, Risk, and Compliance) Professionals**: Streamline your risk assessment processes
🔒 Information Security Teams**: Quickly evaluate the security posture of third-party vendors
📋 Procurement Departments**: Enhance due diligence when onboarding new service providers
🚀 Startup Founders**: Efficiently assess vendors without a dedicated security team

This tool is perfect for anyone looking to automate the manual review of vendor websites, policies, and company data. ✨

🎯 What problem is this workflow solving?

Manual vendor due diligence is a time-consuming process that can take hours for a single vendor. This workflow automates over 80% of these manual tasks, which typically include:

🔍 Finding and organizing basic vendor information
🏢 Researching the company's background
📄 Collecting links to key documents like Privacy Policies, Terms of Service, and Trust Pages
📖 Manually reviewing each document to extract risk-relevant information
📊 Compiling all findings into a formatted report or spreadsheet for record-keeping

By leveraging Gemini for structured parsing and web scraping with live internet data, this workflow frees you up to focus on critical analysis and final review. ⚡

⚙️ What this workflow does

This end-to-end automated n8n workflow performs the following steps:

📝 Intake: Begins with a simple form to capture the vendor's name, the business use case, and the type of data they will handle
🔎 Background Research: Gathers essential background information on the company
⚠️ Risk Analysis: Conducts comprehensive research on various risk-related topics
🔗 URL Extraction: Finds and validates public URLs for privacy policies, security pages, and trust centers
📈 Risk Assessment: Generates a structured risk score and a detailed assessment based on the collected content and context
📤 Export: Exports the final results to a Google Sheet for easy access and record-keeping

🚀 Setup

To get started with this workflow, follow these steps:

🔑 Configure Credentials: Set up your API credentials for Gemini and Jina AI
📊 Connect Google Sheets: Authenticate your Google Sheets account and configure the the Sheet where you want to store the results
🔗 Download the Google Sheet template for your assessment ouput from here
⚙️ (Optional) Customize Prompts: Adjust the prompts within the workflow to better suit your specific needs
🎯 (Optional) Align Risk Framework: Modify the risk questions to align with your organization's internal vendor risk framework