The Risk Ledger framework was developed using common industry standards such as ISO27002, NIST CSF, NCSC CAF, Cyber Essentials, CIS20 and many others.

We also regularly review bespoke frameworks / supplier questionnaires from our clients and prospects so are able to curate these into one gold standard framework.

We see that all organisations aim to gather roughly the same information from their suppliers, but formatted in different ways, with slight changes in wording and structure. This makes it extremely time-consuming for suppliers to respond to, resulting in lower quality data for clients. Using the standardised Risk Ledger framework, suppliers are able to maintain one high-quality profile which gives clients all the information they need to asses the risk related to working with that supplier.