What is Risk Ledger?
Risk Ledger is a platform that aims to enhance the security maturity of the global supply chain ecosystem. It provides a network of connected organizations, enabling them to collaborate on improving security defenses and mitigating risks in their supply chains.
Key Features
Dynamic Controls Framework: Risk Ledger offers a customizable controls framework for supplier assessments, which is approved by UK government experts. This framework allows organizations to achieve scalability for supply chain security. It can be tailored to reflect the risk appetite of the organization and covers all the cybersecurity criteria that organizations globally prioritize. Additionally, it provides standard mappings to widely recognized frameworks such as ISO27001, Cyber Essentials, the NIST Cybersecurity Framework, and the NCSC Cyber Assessment Framework.
Live Assessment Data in Supplier-Owned Profiles: Risk Ledger provides supplier-owned profiles where suppliers can showcase their security controls and certifications. Suppliers can update and share their profiles in real-time, similar to a cybersecurity-focused LinkedIn profile. This eliminates the need for one-off questionnaires and ensures a centralized and up-to-date source of supplier assessment data.
Real-Time Updates and Collaboration: Risk Ledger enables real-time updates and communication about controls between suppliers and clients. The platform's network model ensures constant connectivity, facilitating collaboration on remediation and other tasks directly within the platform. It streamlines communication between different teams internally, including procurement, HR, and compliance.
Visualize Concentration Risk: Risk Ledger allows organizations to visualize concentration risk beyond third parties. By automatically mapping connections across third parties, fourth parties, and beyond, the platform provides a comprehensive view of the supply chain network. This helps identify situations where multiple suppliers are dependent on the same upstream supplier, enabling organizations to take proactive measures to mitigate concentration risk.
Continuous Monitoring from Inside Out: Risk Ledger enables continuous monitoring of suppliers' internal security controls. It provides a snapshot of the state of play for all suppliers' internal security controls, allowing organizations to assess cybersecurity risks within their supply chain. The platform centralizes data and generates quick reports, providing a comprehensive view of the supply chain's security landscape.
Defend-as-One: Risk Ledger promotes the concept of Defend-as-One, encouraging organizations to collaborate and improve the security of the global supply chain. Many customers use Risk Ledger both as a client and a supplier, fostering collaboration and collective improvement of supply chain security. As the network grows, the potential to leverage cyber threat intelligence increases, resulting in enhanced security across industries.
Categories & Use Cases
Technical Details
| Deployment Types | SaaS |
|---|---|
| Operating Systems | Web-Based |
