BPQ data is used to evaluate suppliers for security criteria. True or False?

• A. BPQ data is evaluated for suppliers to ensure security criteria are met.
• B. BPQ data is used solely for marketing purposes.
• C. BPQ data is never reviewed during validation.
• D. BPQ data replaces all on-site inspections.

Answer: (A)

BPQ data is used to evaluate suppliers for security criteria in CTPAT. The Business Partner Questionnaire collects details about a supplier’s security practices—things like access control, physical security, procedures, and other controls. Reviewers compare those responses against the program’s security requirements to determine if the supplier meets the criteria and to gauge risk. This information helps decide whether a supplier passes validation or needs corrective actions, and it informs the overall risk rating. While BPQ data is a key part of the verification process, it does not replace on-site inspections, which may still be conducted based on risk. It also isn’t used for marketing purposes.