
Industry-agnostic

Suitable for use across all industries, including Finance, Public Sector, Telecoms, Healthcare & Critical Infrastructure.

Standardised

Our standardised control framework covers ISO27002, the NIST Cybersecurity Framework, the NCSC Cyber Assessment Framework & Cyber Essentials.

Customisable Policies

Use policies to add flexibility to the standardised framework, reflecting your risk appetite.

Increase Efficiency

Instantly connect with your suppliers and review their regularly updated Risk Ledger security profile, eliminating the back and forth of security questionnaires.

Control Based

Standardised, control-based questions make it easy for suppliers to understand and provide clear, actionable data.

Loved by suppliers

Our framework can be used by your suppliers for all their clients, reducing the assessment burden and increasing the quality of responses.

Security Risks

Security is at the heart of Risk Ledger's Supplier Assessment Framework. We cover compliance with key security certifications, ensure all relevant company policies are in place, check that major data protection legislation is being followed and explore technical controls for corporate networks, cloud environments and secure software development.

Financial Risk

Financial Controls to prevent, identify, and respond to evidence of financial crime are also included in Risk Ledger's Supplier Assessment Framework. This includes checks for compliance with relevant Anti-Money Laundering (AML) regulations, applicable Anti-Bribery and Corruption (AB&C) legislation, fraud prevention and sanctions.

Environmental, Social and Governance

Risk Ledger's Supplier Assessment Framework also covers a range of non-security risks that a third party may pose. This includes how your organisation manages and governs its environmental and social impact. It includes checks covering financial stability and looks for policies covering health & safety, the environment and whistleblowing. It also checks that human rights regulations are being followed and that diversity & inclusion commitments are documented.

UK Government Data and Personnel Security

This add-on domain is specific to suppliers working with the UK government. Please reach out to support@riskledger.com if you need help with this domain.

FAQ

Frequently asked questions

How often is your framework reviewed?

Our framework is reviewed every 6 months. Our team looks at incoming regulations/industry trends and adjusts the framework accordingly. However, we see the framework as a collaborative effort and encourage the Risk Ledger community to suggest amendments. This 2-pronged approach is what ensures that our framework is up to date and as robust as possible.

Can I add my own questions to the framework?

Risk Ledger's standardised framework is built to address a range of regulations, so you shouldn’t need to add any questions. However, we review our framework every 6 months, so if there are gaps please let us know and we can look into them.

Does the framework cover ISO, NIST, DORA etc.?

Most likely yes! Our framework has been built with all the major certifications & assessment frameworks in mind. In addition, we are constantly reviewing it to ensure it’s up to date. If you want to check about a specific certification or framework please get in touch.


Defend against supply chain attacks with Defend-As-One.

No organisation is an island.