Risk Ledger Supplier Case Study: Geoff Smith Associates
Risk Ledger Supplier Case Study: Geoff Smith Associates

Geoff Smith Associates Streamlines Compliance Using Risk Ledger

Learn why Geoff Smith Associates would like all its clients to use Risk Ledger in this supplier case study.

Community
Territory
United Kingdom

Who Are Geoff Smith Associates

Geoff Smith Associates Ltd (GSA) is a family-owned business established in 1997, which produces software solutions for police forces and the public sector. The company is based in Bardon, Leicestershire and employs a large team of developers and ex-police force staff. They offer a range of intelligence and investigation solutions to help teams collaborate, streamline their workflows, maximise their data insights, and gain deeper understanding to achieve better outcomes and make a difference.

“Risk Ledger is easy to use, is logically structured and has great features…it would be good if all our customers were on Risk Ledger.”

Simon Wallis, Compliance and Security Manager, GSA

Risk Ledger’s Standardised Assessment Framework

Risk Ledger is a collaborative platform for supplier due diligence that helps organisations identify, visualise, and mitigate supply chain security risk. 

Risk Ledger’s mission is to significantly reduce the number of supply chain incidents such as the Solarwinds, Log4J or MOVEit Transfer attacks by building the infrastructure to facilitate trust between organisations. Risk Ledger is based on a standardised assessment framework of control questions across 12 security domains.

  • International Best Practice
    Risk Ledger’s standardised assessment framework is mapped against all major international standards like ISO27001, NIST, NIS-D, the NCSCs CAF, CAIQ, Cyber Essentials, and many others.
  • No Longer Multiple Questionnaires
    Suppliers like GSA complete only one control-based standardised assessment, which they can simply keep up-to-date and share with their clients and prospects when requested.
  • Continuously Updated
    The framework is updated every 6 months to account for any recent developments in the security landscape, new regulatory requirements and based on client input.


GSA’s Experience Using Risk Ledger

GSA joined Risk Ledger as a supplier in 2023.

Using Risk Ledger has benefitted GSA by enabling them to stay on top of their own security, and by speeding up tendering and procurement processes.

According to Simon Wallis, Compliance and Security Manager at GSA, Risk Ledger has been “easy to use, is logically structured and has great features.” 

He added that “sharing our completed profile with clients simply requires the click of a button”.

Simon stressed that while not all clients and prospects that require GSA to complete security assessments can be persuaded to drop their requirement for suppliers to undergo their own in-house questionnaires and instead accept GSA’s Risk Ledger profile, “it would be good if all our customers were on Risk Ledger.” 

Among the features he likes best on the platform, Simon specifically mentioned Risk Ledger’s emerging threats feature. The feature notifies clients and suppliers when a new vulnerability that has been discovered is being actively exploited, and gauges their response for the benefit of everyone in the network.

Risk Ledger's Value Proposition to Suppliers

Risk Ledger has been designed to make life easier for suppliers and their clients. Suppliers currently face a situation where they receive hundreds if not thousands of unique questionnaires from their clients, all with a slightly different focus and control questions.

This means that suppliers have to complete each of these questionnaires individually, stretching their resources and making the whole process time-consuming and inefficient.

With Risk Ledger, suppliers benefit in the following way:

  • Suppliers get free access to an innovative and already widely adopted supplier due diligence SaaS platform.
  • Suppliers create their Risk Ledger profile & centralise all their security controls ready for clients to access.
  • Suppliers can actively share their profile with prospects, shortening procurement cycles.
  • Risk Ledger helps suppliers keep up to date with reassessments, remediations and changes across their whole client base.
  • Risk Ledger allows suppliers to demonstrate evidence around controls to remove friction with clients.
  • Risk Ledger encourages suppliers to also use the platform in the capacity of a client, assuring the security of their own supply chains.
Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.

Pattern Trapezoid Mesh

Join our growing community

Sign up to our monthly newsletter to receive exclusive research and analyses by our experts, the latest case studies from our clients as well as guides, explainers and more to turn your supply chain risk management programme into a resounding success story.