• /


Mondelēz International leverages information technology and third-party service providers to support our global business processes and activities.

A cyber security breach of our third-party systems, whether from circumvention of security systems, denial-of-service attacks or other cyberattacks such as hacking, phishing attacks, computer viruses, ransomware or malware, employee or insider error, malfeasance, social engineering, physical breaches or other actions, may cause confidential information belonging to us, our customers, consumers, partners, suppliers, or governmental or regulatory authorities to be misused or breached.

Reporting cyber security issues: If you have a cyber security incident to report, please contact your primary contact at Mondelēz International and also send an email to cybersecurity@mdlz.com

Report a Cyber security incident

Vendor Cyber Risk Management

The Mondelēz International Vendor Cyber Risk program supports the planning, automation and management of cyber risk with enrolled suppliers and other third parties. It leverages the Mondelēz International Vendor Cyber Risk portal to store security assessments for existing suppliers and support new suppliers to be assessed, evaluated and classified based on risk profiles.

Mondelēz International’s Security Risk Management organization, with support from business owners and procurement specialists, will be responsible for registering and initiating enrollment in the Vendor Risk Management process.

Mondelēz International has launched a central secure repository for third parties including key vendor contacts and service offerings/engagements. We have the ability to conduct cyber risk assessments using automated questionnaires comprised of tailored content with a refresh frequency for each supplier. The secure repository provides an external facing portal that centralizes all interactions and communications with suppliers. Any cyber security issues and associated remediations are tracked via workflows that enable issue identification, findings review, solution design and remediation plan alignment with suppliers to facilitate closure. This critical functionality allows for unprecedented collaboration with our suppliers in addition to risk reduction for both organizations.

Secure portal

Enrolled suppliers can access the Mondelēz International Vendor Risk Management portal HERE or enter the following URL into your browser: https://mdlz.service-now.com/svdp

  1. How do I complete security questionnaires, submit attestation evidence and participate in the program?

    Participation in the Mondelēz International Vendor Cyber Risk Management program is by invitation. Please contact your Mondelēz International contract representative to enroll or to request access to the portal.

  2. I received an email requesting completion of a security question what are next steps?

    Login to the secure vendor portal by clicking the link within the email or access the portal directly HERE

  3. I have forgotten my password to access portal?

    Click HERE and select reset password if you have forgotten or need to reset password. Your USER NAME is your email address

Contractual requirements

The Cyber Security and Operations Expectations Manual (CSE) is included in our contract template used to establish a contractual relationship between Mondelēz International and a supplier. Mondelēz International procures a wide range of goods and services and utilizes the CSE globally, so there are conditional sections as specified within contractual agreements. Additional data privacy requirements may also apply where personal data is processed. We also expect our suppliers and partners to abide by our Cyber Security and Operations Expectations Manual.


Please visit our Supplier Information Center for more information on how to conduct business with Mondelēz International.