Once you have a completed security profile on the Risk Ledger platform, your organisation's name will be visible on the platform's list of suppliers so that other organisations you do business with can send a connection request to conduct security due diligence against your organisation - like a secure social network.
Providing access to your security profile to more than one client helps to eliminate the duplicated effort of completing security due diligence questionnaires for every new client.
π‘ Secure Network: None of the data in your security profile is visible to anyone until a user on your Risk Ledger account accepts a connection request. You can manage your active client connections and cancel connections at any point if needed.
Accepting a Connection Request:
You can receive a connection request from any organisation that uses the Risk Ledger platform to run a security-led, third-party risk management programme.
When you receive a connection request, authorised users on your organisation's account can accept it at the click of a button.
You should only accept connection requests once you have verified there is a business relationship between your organisation and the requesting organisation.
We encourage organisations sending connection requests to include information such as their main point of contact in your organisation or an account number to make it easier to verify the request.
Pending connection requests will appear in your Action Centre until you either accept or reject them.
π‘ Please Note: Only Admin & Edit users can accept connection requests and where an account is registered as both a Supplier & Client only Admin & Edit users who have access to the Supplier Side are able to accept.
Sending a Connection Request:
You can proactively connect with clients on the Risk Ledger platform to share access to your already completed security profile.
This will allow you to avoid repeatedly completing offline questionnaires - saving you time and effort.
Suppliers on the platform connected with the most clients, such as CrowdStrike and Zendesk, report reducing the time spent responding to each security due diligence request from weeks to hours.
You can find clients who are already on the platform by navigating to the search bar on the top left of your account.
Managing Existing Connections:
You will be able to see all of your active connections via the Clients page, this can be accessed via the sidebar under Clients.
From here you will be able to view all the information around the client and your connection to them, here is an example:
If you wish to remove a connection, you can do this easily by selecting the relevant client. You will then be shown an overview of the client in question. From the right hand side, you will be able to select Remove Client.
Once you remove the client this will remove the connection and the client will no longer be able to see your assessment.
π‘ Please Note: You will retain full control over who is able to view the data within your security profile. Only clients you are directly connected with will be able to see your answers to control questions and the evidence you upload.
Your clients may share the fact that they are working with you (the name of your organisation) with their own clients. If the client chooses to join a Risk Ledger Community, the names of their suppliers and any actions clients have taken may also be shared within the closed community.
π‘ If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.