It is part of our founding mission to make responding to client security due diligence requests as pain free as possible for you, so we provide resources to compliment the platform and guide you as you use it.
How to Answer the Questions
When reviewing the assessments, clients are looking to understand the security posture of the whole organisation. With this in mind, when completing your supplier profile ensure you are completing the questions at an organisation-level rather than in relation to one specific product or service.
For example, if a client is looking to connect with Atlassian, then Atlassian would need to answer the questions about security at an organisational level. They would not go through the questions and answer them in reference to a specific product, such as Jira.
If your security controls are noticeably different for each product or service, please contact the Customer Success team at customersuccess@riskledger.com to discuss how best to present the information on the platform without causing confusion or unnecessary duplication.
Risk Ledger Knowledge Base
Our Knowledge Base includes an article on every single risk control included in our Supplier Assessment Framework.
Clicking the “Learn more about this question” prompt in each question will take you to its respective Knowledge Base article.
Each article explains what the control is, how to respond to the question on your profile, why the risk control is important and guidance on how to implement the control securely.
💡 If there is anything not covered in our Knowledge Base or this article, or if you'd like to book in a training session, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.