Track every third-party provider, link them to the controls they affect, attach contract references.
- 6 vendor categories with full CRUD
- Service-provider assignment on controls
- Registry code, contact, contract reference fields
- Audit-logged changes
- Direct fit for GDPR Article 28 processor management and NIS2 supply-chain due diligence