Free Vendor Risk Assessment Templates | Smartsheet (2024)

In this article, you will find a range of free expert-tested vendor risk assessment templates that you can download in Excel, Word, and PDF formats.

Included on this page, you will find a vendor risk assessment template, a vendor evaluation with scorecard template, a sample vendor risk assessment questionnaire template, best practices for a vendor risk assessment, as well as top tips for developing a questionnaire.

Vendor Risk Assessment Template

Free Vendor Risk Assessment Templates | Smartsheet (1)

Also known as a third-party risk assessment, this template allows you to list assessment descriptions to identify the vulnerabilities associated with a specific vendor. Use the color-coded risk rating key to assign a rating to each risk description, and add notes in the space provided. Use this template to analyze each vendor, and tailor the risk assessment descriptions to fit your needs.

Download Vendor Risk Assessment Template

Excel | PDF

Basic Vendor Risk Assessment Checklist

Free Vendor Risk Assessment Templates | Smartsheet (2)

Use this basic vendor risk assessment checklist template to outline the steps your team needs to take in the risk assessment process. For each task, list a description, owner, due date(s), date(s) to revisit it, and any pertinent notes. With this checklist, you can streamline your process for each vendor and ensure you don’t miss any crucial steps along the way.

Download Basic Vendor Risk Assessment Checklist

Excel | PDF

Vendor Risk Evaluation with Scorecard Template

Free Vendor Risk Assessment Templates | Smartsheet (3)

You can use this vendor evaluation with scorecard template to assess the performance of a vendor after a specified period of time. This template is organized into categories, including administration, scope, staff, communication, health and safety, and schedule. There is also space to include information (such as corrective actions) that helps mitigate the risks you’ve identified. You can customize the evaluation categories, performance expectations, and color-coded score key to fit your needs.

Download Vendor Risk Evaluation with Scorecard Template

Excel | Word

Sample Vendor Risk Due Diligence Plan Template

Free Vendor Risk Assessment Templates | Smartsheet (4)

This vendor risk due diligence plan template provides a sample of steps to take in a due diligence process. This template organizes tasks into categories, with subtasks listed below each category; you can tailor these subtasks to fit the needs of your organization. There is also space to include task descriptions, the documentation location, task ownership, key dates, notes, and the status of each task.

Download Sample Vendor Risk Due Diligence Plan Template

Excel | PDF | Smartsheet

Vendor Risk Management Audit Framework Template

Free Vendor Risk Assessment Templates | Smartsheet (5)

Use this vendor risk management audit framework template to track audit information, as well as the status of the documentation you need for each vendor. List each third party your organization conducts business with. Then, input audit dates, vendor types, risk ratings, and the status of documentation to access all this information at a high-level view. There is an additional tab in this template that allows you to track the documentation status of an individual vendor at a granular level, including the status of documents you need for risk assessments, risk management policies, report documentation, and process and procedures. You can also use this template to support your company’s vendor due diligence process.

Download Vendor Risk Management Audit Framework Template

Excel | Smartsheet

Sample Vendor Risk Assessment Questionnaire Template

Free Vendor Risk Assessment Templates | Smartsheet (6)

Use this sample vendor risk assessment questionnaire template to build a questionnaire specific to the vendor type and in accordance with the guidelines that the appropriate governing body requires. This template contains sample questions in various categories and includes space to provide the point of reference for each question (e.g., internal subject matter experts [SMEs], industry standard assessment procedures, etc.). When assessing third-party suppliers, use this template as a master list to extract questions that are relevant to a particular vendor and in lockstep with the needs of your organization.

Download Sample Vendor Risk Assessment Questionnaire Template - Excel

Vendor Risk Comparison with Scorecard Template

Free Vendor Risk Assessment Templates | Smartsheet (7)

Use this vendor risk comparison with scorecard template to compare each vendor's weighted score during the vetting process. Collect and compile data in this template, score each vendor according to your established scoring system, and then compare how vendors rank against the various criteria that are important to your business.

Download Vendor Risk Comparison with Scorecard Template - Excel

For additional resources to help support your vendor relationship and management program, check out these 13 free vendor templates.

How Do You Perform a Vendor Risk Assessment?

A vendor risk assessment is a vital part of a holistic vendor management program. This assessment can take place during the vetting phase, or during an evaluation or review in order to measure performance on a continual basis.

Below, you’ll find some best practices to help you prepare for a thorough risk assessment.

Best Practices to Prepare for and Conduct a Thorough Risk Assessment

Follow the best practices below to conduct a thorough risk assessment:

  1. Have a clear understanding of your business objectives and risk tolerance prior to the vetting phase.
  2. During the vetting process, check for vendor reliability using a variety of methods, including background checks, customer reviews, and references from credible sources.
  3. Create a list of all current vendors and organize the list by category (e.g., healthcare, payment processors, office services, etc.).
  4. Check your vendor list against the list that your accounting department maintains to ensure that all vendors are accounted for.
  5. Determine which vendors have the greatest impact on your business (for example, do you consider a third party critical or non-critical?).
  6. Assign each vendor a risk rating (from moderate to critical) according to the vendor’s potential to pose regulatory compliance challenges, data security concerns, or financial risk to your organization.
  7. Establish the required, ongoing due diligence you must perform on each vendor based on its level of risk. Focus the most on high-impact vendors that pose a medium-to-high risk to your company.
  8. Gather information from internal subject matter experts, and stay current on changing regulations and guidelines, so you can update questionnaires and risk assessments accordingly.
  9. Standardize your vendor management program to keep processes streamlined and efficient.
  10. Conduct due diligence reviews and measure the effectiveness of your vendor management program on a continual basis.

Why Is a Vendor Risk Assessment Important?

When your business understands and effectively manages third-party risks with a sound vendor management program, you can pinpoint vendors that are critical to business operations and proactively mitigate undue risks. Conducting an adequate risk assessment is a critical element of the vendor management process.

For more information, including expert advice on vendor due diligence and monitoring, visit"Simplified Guide to Vendor Risk Assessment."

Key Benefits of a Vendor Risk Assessment

A vendor risk assessment can offer your company tremendous advantages. Here are the key benefits of the process:

  • Identify Third-Party Vulnerabilities: A thorough review of a vendor helps you identify any potential weaknesses that could pose a security threat to your business. Determine the significance of any vulnerabilities based on the impact a vendor has on your business. You can ascertain a vendor’s impact by considering the following questions: What types of information will the vendor have access to? How critical is the vendor to business operations?
  • Mitigate Risk: Identifying vulnerabilities — especially during the vetting process — enables you to decide how you want to move forward with a particular vendor (e.g., accept, deny, or transfer risk) in order to mitigate strategic, operational, legal, regulatory, and other types of risk to your business.
  • Support Due Diligence: When you understand the impact and risk that a vendor poses and you incorporate due diligence requirements into your assessment plan, you can evaluate each vendor more clearly to determine if you should pursue a new vendor relationship or continue an existing one.
  • Reduce Costs: When you put proper controls and monitoring protocols in place as part of due diligence, your business can handle security threats in a proactive —rather than reactive — manner. Mitigating potential risks will reduce the financial burden on your business that comes with a cybersecurity attack or other data breach.

Questions to Ask During a Vendor Risk Assessment

The information you obtain from a vendor risk assessment questionnaire will be more useful when you ask the right questions.

Here are some examples of standard risk assessment questions:

  1. Do you encrypt email communication?
  2. Does a third-party vendor perform penetration tests on a regular basis?
  3. How do you perform due diligence on your third-party vendors during vetting and post contract?
  4. How do you handle incidents that arise, and what is the process for communicating those incidents?
  5. Do you regularly check for publicly disclosed security vulnerabilities?
  6. What other products or services do you offer?
  7. How and where do you store your sensitive digital information? If a third party is storing it, please disclose the vendor’s name and data management process.
  8. Describe the training that employees in your organization receive regarding data privacy and security measures.
  9. Who is your data protection officer, and what are the responsibilities of the person in that role?
  10. Do you have control procedures in place to limit the access (of employees, contractors, third parties, and other company agents) to your data on a need-to-access basis?

Because each business has unique needs and because third-party vendors carry varying risk and impact levels, you must tailor the questions you ask in your questionnaire to your specific needs and industry.

Tips For Developing a Vendor Risk Assessment Questionnaire

As you develop and revise your vendor risk assessment questionnaires as part of your overall vendor management program, the following tips will provide you with guidance.

  1. Tailor Each Questionnaire to the Specific Vendor: Your strategy for a vendor risk assessment should not be a one-size-fits-all approach. Questions should be related to the types and level of risk a vendor poses to your business, the types of products and services a vendor offers, and the level of impact a vendor has on your day-to-day business operations. For low-risk, low-impact vendors, a standard set of questions may suffice. For high-risk, high-impact vendors, expand on the standard set of questions to include concerns regarding access to confidential information. Put simply, only ask questions that are relevant to the type of vendor with whom you’re working.
  2. Use Simple and Direct Language: Make the instructions clear and keep the questions concise. Limit the use of technical terminology. Any misinterpretation of a question could lead to inaccurate or ineffective results.
  3. Refer to Regulatory Guidelines and Subject Matter Experts: Questions will vary based on the vendor’s industry and the guidelines that the relevant governing regulatory bodies impose. The guidelines and regulations will help you categorize and build your list of questions. In addition to researching up-to-date regulations, speak with relevant internal subject matter experts for insight on questions to include.
  4. Structure Your Questionnaire by Categories Important to Your Organization: Use the insight you gathered from the previous step to organize your questionnaire into categories that are vital to your business and relevant to the vendor. In this way, you’ll stay organized and use your time and resources most effectively.
  5. Update the Questionnaire on a Regular Basis: Determine the frequency with which you will review and modify your questionnaire based on ever-changing regulations and vendor risks. A regular review ensures that the questions you ask remain current and relevant to the risks your business faces.

Improve Vendor Risk Assessment with Real-Time Work Management in Smartsheet

Empower your people to go above and beyond with a flexible platform designed to match the needs of your team — and adapt as those needs change.

The Smartsheet platform makes it easy to plan, capture, manage, and report on work from anywhere, helping your team be more effective and get more done. Report on key metrics and get real-time visibility into work as it happens with roll-up reports, dashboards, and automated workflows built to keep your team connected and informed.

When teams have clarity into the work getting done, there’s no telling how much more they can accomplish in the same amount of time.Try Smartsheet for free, today.

Free Vendor Risk Assessment Templates | Smartsheet (2024)

FAQs

How do you create a vendor risk management program? ›

6 Steps for Establishing a Vendor Risk Management Program
  1. Develop Governance Documents Appropriate to your Organization. ...
  2. Have a well-defined vendor selection process. ...
  3. Establish contractual standards. ...
  4. Keep up with periodic due diligence and ongoing monitoring. ...
  5. Define an internal vendor risk management audit process.

Can I create my own risk assessment? ›

It's important that you make risk assessments your own — copied risk assessments won't meet legal requirements. Every company will have unique hazards and risks, so risk assessments will only be relevant and effective if they're specific to your business and company operations.

How do I create a risk assessment template? ›

Basic Risk Assessment Template
  1. A description of the procedure, task, or worksite being assessed.
  2. Identify the hazards and document them.
  3. Identify the risks associated with each activity.
  4. Attach photos of the hazards.
  5. Determine a risk rating.
  6. Document the specific control measures taken to mitigate the risk.
15 Oct 2022

What is a vendor risk questionnaire? ›

A vendor risk management questionnaire (also known as a third-party risk assessment questionnaire or supplier risk assessment questionnaire) is designed to help organizations identify potential weaknesses among vendors and partners that could result in a breach.

What are the major components of a vendor risk assessment report? ›

5 Essential Components of a Vendor Risk Assessment
  • Component 1: Determining Business Impact and Regulatory Risk.
  • Component 2: Inherent Risk – What Is It?
  • Component 3: Mitigating the Inherent Risk.
  • Component 4: The Residual Risk.
  • Component 5: Aggregate Results and Document Everything.
4 Feb 2020

What is vendor risk management framework? ›

Vendor risk management (VRM) is the process of ensuring that the use of service providers and IT suppliers does not create an unacceptable potential for business disruption or a negative impact on business performance.

What should a vendor management program include? ›

Vendor management programs include policies and procedures that are explained in shared documents, and they serve to drive cost control, risk management, service, and quality excellence.

How do I set up a vendor management plan? ›

Steps to Create a Vendor Management Program
  1. Step 1: Gather Vendor Information. Start with the most important parts of your vendor inventory. ...
  2. Step 2: Prioritize Vendors. ...
  3. Step 3: Classify Vendors. ...
  4. Step 4: Create a Vendor Information Sheet for Each. ...
  5. Step 5: Evaluate vendor performance with a Vendor Scorecard.
4 May 2022

What are the 5 things a risk assessment should include? ›

You can do it yourself or appoint a competent person to help you.
  • Identify hazards.
  • Assess the risks.
  • Control the risks.
  • Record your findings.
  • Review the controls.

Do small businesses need risk assessments? ›

Note that if you have five or more employees, you have a legal obligation to have a written risk assessment. But even if you have fewer than five employees and therefore no legal obligation, you might find it useful to write a risk assessment anyway so that you have a record and you can review it at a later date.

How do I create a risk map in Excel? ›

How To: Create an Excel Risk Heatmap - YouTube

How do you create a risk matrix in Excel? ›

Setting up the Data

We will set up the risk matrix by doing the following: We will type the severity on the Y-axis (Cell B5 to Cell B9) We will type the likelihood on the X-axis (Cell C4 to Cell G4) We will input the numbers as shown in figure 2 in the range of C5:G9.

What is an example of a risk assessment? ›

Here are common risk assessment examples: Health and Safety Risk Assessment – a type of risk assessment used by safety managers to determine health and safety risks associated with the job, work environment, and current processes. Hazards can be identified as biological, chemical, energy, environmental, and the like.

Which elements are used for vendor assessment? ›

Vendor performance evaluation requires three elements: a vendor roster based on value to your organization; a system to track performance against metrics and service level agreement; and the utilization of a strategic ranking system.

What is vendor risk profiling? ›

The world's only third-party diligence solution that aligns legal, contractual, and privacy compliance requirements, complete with data visualizations and ongoing risk monitoring.

Why is a vendor risk assessment important? ›

A vendor risk assessment helps organizations understand the risks that exist when they use third-party vendors' products or services. Conducting a risk assessment is particularly important when a vendor handles a critical business function, accesses sensitive customer data, and/or interacts with customers.

Who is responsible for vendor risk management? ›

Ultimately, Senior Management and the Board of Directors are accountable for vendor risk management.

How do you identify high risk vendors? ›

High-risk vendors are irreplaceable.

For example, a customer call center is high risk. They must comply with regulations, interact with your customers and access sensitive information.

What is vendor risk management objective? ›

The goal of vendor risk management is to position the organization in a defensible position by taking inventory of all vendors, measuring how much of a risk each vendor poses, assessing each vendor objectively, and then systematically repeating this process.

Which of the following was listed as a best Practise for vendor risk management? ›

Form a Dedicated VRM Committee

One of the best practices you can implement is a vendor risk management committee. This is a dedicated team with senior management represented. The committee is tasked with dealing with potential and existing vendors.

What is a low risk vendor? ›

Low: Low-risk vendors are those that don't store sensitive information.

What is vendor management framework? ›

What is a vendor management framework? The vendor management framework, or VMF, is the set of processes, policies, and procedures a company uses to select, assess, onboard, and manage vendors. A well-designed vendor management framework helps. Improve vendor performance. Reduce security risk.

What is the difference between procurement and vendor management? ›

The only significant difference is that sourcing deals directly with the goods and services through potential vendors, while procurement is an indirect cycle of chain management. Companies need both processes to integrate seamlessly to optimize fulfillment efficiency.

What makes a good vendor manager? ›

This role requires you to be a good communicator and negotiator and have interpersonal skills to effectively maintain vendor relationships. Math and decision-making skills are important for selecting vendors that best fit the company's needs.

What are vendor deliverables? ›

The Vendors shall have executed and delivered or caused to have been executed and/or delivered, as applicable, to the Purchaser at the Closing all documents and other Closing deliveries as contemplated in Section 8.2.

Who is involved in vendor management? ›

Vendor management is a term that describes the processes organizations use to manage their suppliers, who are also known as vendors. Vendor management includes activities such as selecting vendors, negotiating contracts, controlling costs, reducing vendor-related risks and ensuring service delivery.

How do you ensure quality deliverables from vendors? ›

Improve Vendor Quality Control
  1. Get accurate item specifications. ...
  2. Write a vendor compliance manual. ...
  3. Establish good vendor relationships. ...
  4. Use vendor scorecards in the review process. ...
  5. Set up correction and remedy procedures. ...
  6. Push compliance upstream. ...
  7. Invest in infrastructure and gain management support.

What are the 3 types of risk assessments? ›

For the purpose of this article we will focus on three types of risk assessments: Baseline risk assessments (Baseline HIRA) Issue based risk assessments (Issue based HIRA) Continues risk assessments (Continues HIRA)

Is a risk assessment a legal requirement? ›

The short answer is yes, risk assessment is a legal requirement, but it doesn't have to be a burden! It helps to have a clearer idea of how the law applies to your context, why risk assessment is so important, and what you need to do to keep on top of things.

What types of questions are required in a risk assessment? ›

For example, common starting questions include:
  • What information security policies and procedures do you have in place?
  • Are these policies and procedures up-to-date?
  • Do these policies align with current HIPPA standards?
  • Are these policies consistently followed?
  • How often is staff trained on HIPAA procedures?
29 Dec 2020

Do self-employed need risk assessment? ›

Most self-employed people will know if their work poses a risk to the health and safety of others. You must consider the work you are doing and judge for yourself if it creates a risk or not.

What is the first step of a risk assessment? ›

Identifying and locating potential hazards is the first step in a risk assessment. Several different types of hazards should be considered. Physical risks include tripping or falling in the workplace, sustaining injuries when lifting heavy materials or working with dangerous machinery.

Do I need a risk assessment if I have less than 5 employees? ›

If you have fewer than five employees you don't have to write down your risk assessment or your health and safety policy.

What is the 5 step process of risk assessment? ›

Identify the hazards. Decide who might be harmed and how. Evaluate the risks and decide on control measures. Record your findings and implement them.

What are the most common risk assessment techniques? ›

The most common techniques are Brainstorming, Delphi, Scenario analysis, Structure What If (SWIFT), Hazard and Operability Studies (HAZOP), Business Impact Analysis, Bow Tie Analysis, etc.

What is a detailed risk assessment? ›

A risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc. that may cause harm, particularly to people. After identification is made, you analyze and evaluate how likely and severe the risk is.

How does a 5x5 risk matrix work? ›

Because a 5x5 risk matrix is just a way of calculating risk with 5 categories for likelihood, and 5 categories severity. Each risk box in the matrix represents the combination of a particular level of likelihood and consequence, and can be assigned either a numerical or descriptive risk value (the risk estimate).

How do you create a risk matrix? ›

How do you calculate risk in a risk matrix?
  1. Step 1: Identify the risks related to your project. ...
  2. Step 2: Define and determine risk criteria for your project. ...
  3. Step 3: Analyze the risks you've identified. ...
  4. Step 4: Prioritize the risks and make an action plan.
13 May 2022

How do you draw a risk map? ›

5 steps to make a risk map
  1. Appoint a risk committee. Designing a risk map provides comprehensive and discriminated information to better understand the company's threats, as well as its processes and projects. ...
  2. Define risk. ...
  3. Identify the risks. ...
  4. Assessing risks. ...
  5. Prioritization matrix.
18 Jun 2020

What is risk matrix template? ›

Also known as a risk management matrix, risk rating matrix, or risk analysis matrix, a risk matrix template focuses on two aspects: Severity: The impact of a risk and the negative consequences that would result. Likelihood: The probability of the risk occurring.

What is the difference between risk management and business continuity? ›

While risk management focuses on mitigating problems from the outside, business continuity plans outline what a company should do in case they are faced with the worst possible outcome.

Can I write my own risk assessment? ›

It's important that you make risk assessments your own — copied risk assessments won't meet legal requirements. Every company will have unique hazards and risks, so risk assessments will only be relevant and effective if they're specific to your business and company operations.

How do you write a simple risk assessment? ›

  1. The Health and Safety Executive's Five steps to risk assessment.
  2. Step 1: Identify the hazards.
  3. Step 2: Decide who might be harmed and how.
  4. Step 3: Evaluate the risks and decide on precautions.
  5. Step 4: Record your findings and implement them.
  6. Step 5: Review your risk assessment and update if. necessary.

How do you write a risk assessment template? ›

Risk assessment template
  1. Step 1: Identify the hazards. Biological (e.g. hygiene, disease, infection) ...
  2. Step 2: Assess the level of risk. Consider the hazards identified in Step One and use the risk assessment matrix below as a guide to assess the risk level. ...
  3. Step 3: Control the risk. ...
  4. Step 4: Monitor and review controls.

How do you assess a vendor? ›

How to Evaluate a Vendor in 6 Easy Steps
  1. Preliminary Review of All Vendor Proposals.
  2. Record Business Requirements and Vendor Requirements.
  3. Assign Importance Value for Each Requirement.
  4. Assign a Performance Value for Each Requirement.
  5. Calculate a Total Performance Score.
  6. Select a Winning Vendor.
3 Jun 2019

What is vendor risk profiling? ›

The world's only third-party diligence solution that aligns legal, contractual, and privacy compliance requirements, complete with data visualizations and ongoing risk monitoring.

Why is a vendor risk assessment important? ›

A vendor risk assessment helps organizations understand the risks that exist when they use third-party vendors' products or services. Conducting a risk assessment is particularly important when a vendor handles a critical business function, accesses sensitive customer data, and/or interacts with customers.

Who is responsible for vendor risk management? ›

Ultimately, Senior Management and the Board of Directors are accountable for vendor risk management.

How do you identify high risk vendors? ›

High-risk vendors are irreplaceable.

For example, a customer call center is high risk. They must comply with regulations, interact with your customers and access sensitive information.

What is vendor scorecard? ›

Vendor scorecards are used to track and measure vendor performance. They can vary from simple to complex and can contain as much or as little criteria as deemed effective to accomplishing an organization's goals.

Which elements are used for vendor assessment? ›

Vendor performance evaluation requires three elements: a vendor roster based on value to your organization; a system to track performance against metrics and service level agreement; and the utilization of a strategic ranking system.

What are the 3 components of risk profile? ›

A risk profile examines: the nature and level of the threats faced by an organisation. the likelihood of adverse effects occurring. the level of disruption and costs associated with each type of risk.

What is vendor risk management framework? ›

Vendor risk management (VRM) is the process of ensuring that the use of service providers and IT suppliers does not create an unacceptable potential for business disruption or a negative impact on business performance.

What does a vendor risk manager do? ›

Vendor risk management (VRM) is a risk management discipline that focuses on pinpointing and mitigating risks associated with vendors. VRM gives companies visibility into the vendors they work with, how they work with them, and which vendors have implemented sufficient security controls.

Which strategies are part of effective vendor risk management? ›

Best Practices for Effective Vendor Risk Management
  • Effective Vendor Selection.
  • Due Diligence and Continued Oversight.
  • Vendor Risk Assessment.
  • Vendor Performance Monitoring.
  • A Disciplined Vendor Governance Framework.

How can risk of vendor be reduced? ›

Shifting to an automated VRM process
  1. Pre-qualify vendors. ...
  2. Classify vendors according to risk level. ...
  3. Automate compliance and risk assessment with self-reporting tools. ...
  4. Provide continuous risk monitoring. ...
  5. Provide third-party risk reporting.
3 Feb 2021

What are some of the risks that must be considered in selecting vendors and dealing with unexpected external events? ›

Let's consider the many types of risks that a vendor brings to our projects and some potential mitigation strategies.
...
Vendors Are Risky Business
  • Performance risk. (This is generally at the top of the list.) ...
  • Culture risk. ...
  • Competency Risk. ...
  • Capacity risk. ...
  • Reputation risk. ...
  • Alignment.

What is a low risk vendor? ›

Low: Low-risk vendors are those that don't store sensitive information.

Which of the following was listed as a best Practise for vendor risk management? ›

Form a Dedicated VRM Committee

One of the best practices you can implement is a vendor risk management committee. This is a dedicated team with senior management represented. The committee is tasked with dealing with potential and existing vendors.

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Prof. Nancy Dach

Last Updated:

Views: 5890

Rating: 4.7 / 5 (77 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Prof. Nancy Dach

Birthday: 1993-08-23

Address: 569 Waelchi Ports, South Blainebury, LA 11589

Phone: +9958996486049

Job: Sales Manager

Hobby: Web surfing, Scuba diving, Mountaineering, Writing, Sailing, Dance, Blacksmithing

Introduction: My name is Prof. Nancy Dach, I am a lively, joyous, courageous, lovely, tender, charming, open person who loves writing and wants to share my knowledge and understanding with you.