iso27diy-corp/Corpus/ISMS/Policy examples/Vulnerability Disclosure Policy.md

Having a permissive vulnerability disclosure policy (VDP) encourages security research, and is a key characteristic of a good, mature security program. It encourages transparency.

For you as a vendor, it enhances Vendor security MoC towards your customers. As a customer, you may check for a VDP when creatingyour Examples of vendor selection questionnaires.