Skip to main content

Assessments (Questionnaires)

Overview

Assessments are reusable questionnaire definitions used to collect structured responses for compliance and risk workflows. Teams use them for internal attestations, vendor due diligence, and periodic review processes.

In Openlane, assessments are commonly paired with campaigns for distribution and tracking. Assessment responses then provide auditable records of participation and completion.

Compliance Significance

  • SOC 2: CC2 and CC7 governance and monitoring support
  • ISO 27001: periodic review and supplier evaluation support

Practical Examples

  • A GRC team maintains one vendor questionnaire and reuses it across annual assessments.
  • A compliance team sends policy attestation assessments to all active personnel and tracks completion status.

Examples

OperationAPI
Create/update assessment definitionsAPI-first (GraphQL or Go client)
Recipient intake for campaignscreateCampaignWithTargetsCSV
# Recipient targets for an assessment campaign
Email,FullName,Status
security@vendor-one.com,Vendor One Security Team,NOT_STARTED
security@vendor-two.com,Vendor Two Security Team,NOT_STARTED
# Campaign target status updates
ID,Status,CompletedAt
CTG01J9TARGET111111111111,IN_PROGRESS,
CTG01J9TARGET222222222222,COMPLETED,2026-04-10T18:20:00Z
Last updated on by Matt Anderson