How do you manage vendor relationships and evaluate third-party security products to ensure they align with organizational architecture standards?