OT Security RFP Evaluation Kit — Doc 03: Protocol & Asset Questionnaire

— Engagement Header

Organization

Prepared By

Date

Evaluation Phase

Part A Internal Asset Audit

Part B Vendor Response

Part C Comparison Notes

A Internal Protocol & Asset Inventory Completed by your team before vendor engagement. Not shared with vendors.

Document every protocol and asset class present in your OT environment. Mark legacy systems honestly — this is for internal use only. Click a row number to remove it.

#	Protocol	Equipment Type	Vendor / Model (examples)	Network Segment	Approx. Count	Legacy? (Y/N)

B Vendor Protocol Support — Response Table Sent to vendors with Part A protocols listed. Vendor response fields start blank.

Vendor Name

Product / Version

Full support (native) Partial / plugin required Not supported

#	Protocol	Support Level	Detection Method	Version Depth	Vendor Notes / Caveats

Sync pulls protocol names from Part A into Part B, preserving any existing vendor responses.

C Comparison Notes Internal use only. Not included in the vendor-facing export.

Use these fields to record observations after reviewing vendor responses against your Part A inventory.

Coverage Gaps Identified

Conflicting or Unclear Responses

Legacy Asset Handling Assessment

Follow-up Questions for Vendor

Overall Fit Assessment

Export Document

Enter your work email to receive the OT cybersecurity newsletter and download your completed questionnaire. You'll receive two files: an internal version (all three parts) and a vendor version (Parts A & B, vendor response fields blank).