Vendor & Subcontractor Qualification Review Checklist for Professional Services [FREE PDF]

Professional services firms face significant legal and financial exposure when engaging unqualified vendors or subcontractors, including violations of SOX Section 404 internal control requirements, OSHA General Duty Clause obligations for multi-employer worksites, and AICPA independence standards when third parties have access to client data or financial systems. The PMI PMBOK Guide's procurement management framework and IRS Circular 230 further establish standards for due diligence in third-par

• Industry: Professional Services
• Frequency: Per Event
• Estimated Time: 60-90 minutes
• Role: Compliance Director
• Total Items: 35
• Compliance: SOX Section 404 - Management Assessment of Internal Controls, OSHA General Duty Clause, Section 5(a)(1) of the OSH Act, AICPA Professional Standards ET Section 1.224.010 (Independence - Subcontractors), PMI PMBOK Guide 7th Edition - Project Procurement Management, IRS Circular 230, Subpart B, Section 10.29 (Conflicting Interests)

Legal Entity & Business Registration Verification

Confirm the vendor or subcontractor is a legitimately registered legal entity in good standing.

• Has the vendor's legal business registration or Certificate of Good Standing been collected and verified with the issuing state authority?
• Has the vendor's EIN or tax identification number been collected via IRS Form W-9?
• Has the vendor been screened against the OFAC Specially Designated Nationals (SDN) list and SAM.gov exclusions database?
• Has the vendor's Dun & Bradstreet (DUNS) number or equivalent business credit profile been reviewed?
• If the vendor is a foreign entity, has the appropriate foreign vendor withholding documentation (IRS Form W-8BEN-E) been collected?

Professional Credentials & Licensing Verification

Verify that the vendor holds all required professional licenses and certifications for the services being contracted.

• Has the vendor provided proof of all required professional licenses applicable to the contracted scope of work?
• Have all vendor-provided licenses been verified as current and in good standing with the applicable state or national licensing authority?
• For legal subcontractors, have bar admission and disciplinary history been verified in all relevant jurisdictions?
• Has the vendor's key personnel identified for this engagement provided individual credential documentation?
• Has the vendor's license expiration date been logged in the firm's vendor management system for renewal tracking?

Insurance, Bonding & Indemnification

Confirm the vendor carries adequate insurance coverage to protect the firm from third-party liability arising from the engagement.

• Has the vendor provided a current Certificate of Insurance (COI) naming the firm as an additional insured on general liability coverage?
• Does the vendor's general liability policy meet or exceed the firm's minimum required coverage limits?
• Has the vendor provided proof of current professional liability (errors & omissions) insurance appropriate for the scope of work?
• Has the vendor provided proof of workers' compensation insurance covering all personnel assigned to this engagement?
• If the vendor will handle client funds or sensitive financial data, has a fidelity bond or crime insurance policy been verified?

Financial Stability & References

Assess the vendor's financial health and past performance to evaluate delivery risk for the engagement.

• Has the vendor provided the most recent two years of audited or reviewed financial statements?
• Has a business credit check or financial health assessment been conducted and documented?
• Have at least two professional references from comparable prior engagements been contacted and documented?
• Has the vendor disclosed any current or pending litigation, regulatory investigations, or judgments that could affect performance?
• Has the vendor's payment history with subcontractors or suppliers been reviewed to assess financial management practices?

Ethics, Independence & Conflict of Interest Review

Evaluate potential conflicts of interest, independence impairments, and ethical concerns before formalizing the vendor relationship.

• Has the vendor completed a conflict of interest disclosure form identifying any relationships with firm clients, employees, or competitors?
• For engagements involving attest or tax advisory services, has independence been evaluated under applicable AICPA or IRS standards?
• Has a review been conducted to confirm no firm principal, partner, or employee holds a financial interest in the vendor entity?
• Has the vendor acknowledged and agreed to comply with the firm's code of professional conduct and confidentiality requirements?
• Has the vendor disclosed any prior disciplinary actions, license revocations, or debarments from professional bodies or government agencies?

Data Security & Regulatory Compliance Capability

Verify the vendor has adequate data security practices and regulatory compliance capabilities for the data they will access or handle.

• Has the vendor completed the firm's third-party security assessment questionnaire or provided a current SOC 2 Type II report?
• Has a data processing agreement (DPA) or business associate agreement (BAA) been executed where the vendor will process personal or protected data?
• Has the vendor confirmed encryption standards for data in transit and at rest that meet or exceed firm policy requirements?
• Has the vendor provided documentation of their incident response plan and breach notification procedures?
• Has the vendor confirmed that their personnel who will access firm or client data have undergone background screening?

Contract Terms, Approval & Vendor Record

Confirm that all contractual protections are in place and that vendor qualification has been formally approved and documented.

• Does the vendor agreement include scope of work, deliverables, performance standards, and termination for cause provisions?
• Does the contract include indemnification, limitation of liability, and insurance maintenance clauses acceptable to firm legal counsel?
• Has the contract been reviewed and approved by the firm's legal counsel or managing partner prior to execution?
• Has the vendor been added to the firm's approved vendor registry with all qualification documentation attached?
• Has a re-qualification review schedule been established and communicated, with the next review date documented?

Related Professional Services Checklists

• Job Scheduling Checklist
• Workflow Improvement Checklist
• Project Management Milestone Review Checklist [FREE PDF]
• Remote Work Security Compliance Checklist [FREE PDF]
• Audit Planning Checklist
• Law Firm Trust Account Compliance Checklist [FREE PDF]
• CPA Firm Audit Quality Control Review Checklist [FREE PDF]

Related Project Management Checklists

• Job Scheduling Checklist - FREE Download
• Workflow Improvement Checklist - FREE Download
• Project Management Milestone Review Checklist [FREE PDF] - FREE Download

Why Use This Vendor & Subcontractor Qualification Review Checklist for Professional Services [FREE PDF]?

This vendor & subcontractor qualification review checklist for professional services [free pdf] helps professional services teams maintain compliance and operational excellence. Designed for compliance director professionals, this checklist covers 35 critical inspection points across 7 sections. Recommended frequency: per event.

Ensures compliance with SOX Section 404 - Management Assessment of Internal Controls, OSHA General Duty Clause, Section 5(a)(1) of the OSH Act, AICPA Professional Standards ET Section 1.224.010 (Independence - Subcontractors), PMI PMBOK Guide 7th Edition - Project Procurement Management, IRS Circular 230, Subpart B, Section 10.29 (Conflicting Interests). Regulatory-aligned for audit readiness and inspection documentation.

Frequently Asked Questions

Browse More Checklists

• All Project Management Checklists
• Professional Services Checklists
• Browse 9,600+ Free Checklist Templates
• Operations Blog
• Book a Demo