We are dedicated to helping you reduce the time and cost of responding to security due diligence requests by ensuring you can share access to your Risk Ledger security profile as easily and as often as you choose.
To ensure this works for both you and your clients, Risk Ledger is built on a "continuous monitoring" model, meaning that your client will receive your most up to date information without you ever having to complete another assessment again.
This has the following benefits to suppliers:
The platform alerts you when it's time to update your assessment, making it quick and easy to complete.
Your profile can be shared across with colleagues across your organisation to ensure a collaborative approach and to help keep data up-to-date.
You won't need to fill out another assessment for client re-approval.
π‘ You can edit your security profile on Risk Ledger at any point to keep the information up to date. Any updates will be automatically updated for your client connections as well.
Changing the scope of your security profile
The scope of your security profile may need to change over time to reflect changes in your organisation and the products and services you deliver.
If a domain of the assessment that you marked as out of scope becomes relevant to your organisation and you need to add it to your security profile, you can do this by navigating to the assessment page via the sidebar and selecting the domain you want to bring into scope.
Once you have selected the domain, in this case Domain B you will see at the very top the first question is a scoping question. If you click into this, you will be able to choose Yes or No depending on your desired outcome.
π‘ Your profile should be answered at an organisational level, so be sure to answer yes to any scoping questions which are relevant to your organisation as a whole. Although you can update this answer at any time, answering no means that you will not be able to provide any answers for that domain and may miss out on an important control.
Changing responses to specific risk controls on your security profile
It is natural for your organisation's security risk management regime to change over time and it is important to update your security profile to reflect this so that your clients can see how seriously you are taking security and understand the implications for them.
To update your response to a specific risk control, select Assessment from the right-hand sidebar and select the relevant domain.
You will still see the option to select Yes or No in response to the question and you can update each textbox and the supporting evidence if required.
π‘ If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.