New updates and improvements to Risk Ledger
We've added light and dark mode options to improve accessibility and give you more control over your Risk Ledger experience.
Navigate to Settings > Appearance and choose from:
This month brought significant enhancements to how you visualise and understand your extended supply chain.
With the launch of Fourth Parties, you can now map critical dependencies beyond your direct suppliers, whilst our improved Network Visualisation makes it easier to spot concentration risks across complex supplier networks.
We've also refined our assessment framework and enhanced supplier collaboration tools to drive faster, more accurate risk assessments.
Client and supplier relationships are complex and ever-evolving. You need a real-time, comprehensive overview of your suppliers’ suppliers to identify and understand changing critical dependencies and concentration risks.
We launched Fourth Parties to solve this. Clients can get true visibility of their suppliers’ critical suppliers, plotted in our Network Visualisation tool for faster, deeper supply chain analysis.
Here’s how it works:
Fourth Parties is now live on the Risk Ledger Supply Chain Security Platform ready for Clients and Suppliers to explore.
You can learn more about the feature on our blog or in our Help Center.
Along with the launch of Fourth Parties, we continued to enhanced our Network Visualisation tool to ensure it gives businesses a clear and accurate picture of how businesses are connected to one another across multiple tiers of relationships.
What’s changed:
We update our Standardised Assessment Framework every six months to ensure that the framework remains relevant to changing regulatory and business demands, while maintaining consistency for clear comparison.
In our latest update, these are the changes we made:
You can learn more about what this means for Clients here, and Suppliers here.
For Suppliers to complete an assessment, it takes multiple people across different teams to work together. So, we’re improving how Supplier teams collaborate on Risk Ledger with these new features:
When assessing their suppliers, companies are always looking for ways to verify what suppliers claim to do. With External Monitoring (Beta), we're complementing supplier assessments with external, objective data to verify their security posture.
This month, we're expanding these capabilities with port scanning and enhanced findings navigation.
Port Scanning automatically checks suppliers' digital assets for open ports that are frequently targeted in cyber attacks.
We focus on the most critical vulnerabilities across remote access, databases, web services, file sharing, and infrastructure—reducing noise whilst surfacing the findings that matter most.
Like all External Monitoring features, port scanning results appear directly within your suppliers' profiles alongside their assessment responses, giving you the complete picture without having to jump back and forth between different tools.
Based on user feedback of early versions of External Monitoring (Beta), we’ve updated our severity indicators and explainers to provide more context and transparency to users about how we assign severity ratings to scan findings.
We’ve introduced two new ways for Clients to quickly view Supplier scans and help prioritise the findings they should be looking at, focussing on critical issues or specific assets.
We’re also simplifying the supplier onboarding flow to speed up assessment completion times. So far, we’ve introduced some design changes to the initial signup flow to make the experience more enjoyable for new users.
Monthly research, case studies and practical guides you won't find anywhere else.
Join thousands of security managers turning their TPRM programmes into success stories.