Vendor security questionnaire

The DNS, email, and TLS questions on every questionnaire — answered once, signed once.

A Dr.Who Domain Audit Report covers the domain-hygiene questions on the standard CAIQ, SIG, and ISO 27001 questionnaires. Or: pre-fill the answers right here from a live scan, then copy them into your response.

Fill answers from a domain scan

Enter your domain. We run the same 15 checks as a Dr.Who Domain Audit Report and pre-fill draft answers for 15 common vendor-questionnaire items. Copy, edit, and paste into your CAIQ / SIG / ISO 27001 response.

What the pack answers

Does the domain enforce DMARC with p=reject or p=quarantine?
Is SPF configured and within the 10-lookup limit?
Are DKIM selectors published with sufficient key strength?
Is TLS 1.2+ enforced on all public endpoints?
Are HSTS, CSP, and X-Frame-Options correctly set on the home page?
Is DNSSEC enabled on the apex?
Is MTA-STS published for SMTP-TLS enforcement?

Get a pack — $29 →See a sample pack