How to Leverage Software to Gain Consistency in Vendor Risk Assessments