Resources

Academy

Mastering supply chain risk and creating a world-class supply chain risk management programme with the help of Risk Ledger’s educational resources.

Featured

How to Conduct Third-Party Risk Assessment

Learn how to conduct third party risk assessment with clear steps to identify, evaluate, and manage vendor risks for stronger supply chain security.

October 17, 2025

・

5

mins read

Risk Ledger

Company

Assessment Framework

Everything you need to know about our standardised supplier assessment framework and how it maps to leading frameworks like NIST, ISO 27001 and ISO 27002, CIS, COBIT, and others.

Supply Chain Maturity Quiz

How mature is your organisation’s supply chain risk management programme, and what can you do to take it to the next level? Find out today.

Data & Security Framework

Risk Ledger is a security platform built by people who care about security for people who care about security. This outlines Risk Ledger’s approach to security.

Recent Explainers & Guides

Explainers & Guides

Addressing the Growing Supply Chain Cyber Threats Facing the UKs Critical Energy Infrastructure

Geopolitical upheaval and growing cyber threats are putting UK energy supply chains at risk. In this article, we explore ways to secure critical national infrastructure against this growing threat through collaboration.

Supplier classification using the CIA triad

Learn how to classify your suppliers and determine which are the most critical to your organisation using the CIA triad as a guide.

Third-Party Risk Management in the Energy Sector

What are the challenges of third-party risk management (TPRM) in the energy industry, and what are the best practices when it comes to TPRM for the sector?

Latest Emerging Threats

Emerging Threat

Oracle E-Business Suite Vulnerability: Emerging Threat Published on Risk Ledger

Oracle has disclosed a critical vulnerability (CVE-2025-61882, CVSS 9.8) affecting Oracle E-Business Suite (EBS) versions 12.2.3 to 12.2.14.

Briefing Your Board on Supply Chain Attacks Like ToolShell

Discover how ToolShell exploits highlight supply chain attacks and what boards must do to assess exposure, brief leadership, and build resilience.

Chief Cyber Security Strategist

Emerging Threat

ToolShell On-Prem SharePoint Vulnerabilities: Emerging Threat Published on Risk Ledger

Microsoft has disclosed two vulnerabilities: CVE-2025-53770 (CVSS 9.8/Critical) and CVE-2025-53771. The exploit method is referred to as a “ToolShell” attack. Find out everything you need to know in this new Risk Ledger Emerging Threats blog.

Chief Operating Officer

From Engineering

Get the security manager's briefing

Monthly research, case studies and practical guides you won't find anywhere else.

Join thousands of security managers turning their TPRM programmes into success stories.