Changelog
New updates and improvements to Risk Ledger
New updates and improvements to Risk Ledger
As more organisations join the Risk Ledger network and supply chain maps become increasingly complex, we wanted to ensure our visualisation tools could handle even the most intricate supplier relationships without compromising on performance or clarity.
This month, Network Visualisation got significant performance improvements and enhanced usability, making it easier to see and understand the connections throughout your supply chain, from third parties all the way down to sixth-parties and beyond.
We've overhauled the performance of our network graphs. Whether you're viewing your own supply chain or the most complex, interconnected supplier network, the visualisation now runs smoothly without lag or delays. This improvement ensures that even organisations with extensive nth-party relationships can explore their networks seamlessly.
You can now jump directly to the network visualisation from any Supplier Profile. This new feature provides immediate access to both your supply chain and community network (if you're part of a community), making it easier to understand how each supplier fits within your broader ecosystem.
Better supplier identification: Hover over any node in the network map to quickly see the supplier’s name. Click on each node to explore nth party connections and understand the full relationship chain.
Clearer connection paths: We've made design improvements that make it easier to see how suppliers connect to your organisation, helping you trace relationships and dependencies more effectively.
Compliance score visibility: Nodes now clearly indicate which suppliers have compliance scores and which don't. Green nodes represent suppliers with completed assessments, whilst white nodes help you quickly identify unclaimed profiles, incomplete assessments, or suppliers where policies haven’t been applied yet.
Note: These improvements apply to both your own supply chain graph and the community network map, if you’re part of a community.
Earlier this month, we launched Product Level Answers, a fundamental update to our assessment that allows suppliers to accurately represent varying security controls across multiple products, within a single profile.
Instead of maintaining separate accounts or duplicating information, suppliers can set organisational-level answers as a baseline and highlight the differences where security controls vary by product. Suppliers can then share precise and relevant information with each client and Clients can clearly identify security control variations across different products, leading to more accurate risk assessments.
While Risk ledger’s full and standardised framework offers a comprehensive assessment of larger and critical suppliers. However, what has become more evident over time that increasing the visibility and coverage of your less critical or smaller suppliers has a compounding effect.
The original full framework with its 192 controls across 10 security domains provides you with the depth and coverage needed to ensure that your larger and more critical suppliers have a strong security posture in place. We have now introduced an additional and lighter version with only 44 control questions to ease the burden on smaller and less critical suppliers. This new configuration method allows flexibility and wider coverage of your supplier network, increasing uptake and engagement from your smaller or less mature suppliers. This is especially beneficial for those suppliers with limited resources, or which are in the earlier stages of developing their security practices.
But flexibility is key. Following this change, you now have the ability to adjust the scope of assessment questions based on your evolving relationship or changes in your suppliers’ risk profiles or your risk appetite. Either increase the assessment if a supplier becomes more critical or high risk, or decrease the assessment scope for smaller or lower-risk suppliers to increase their engagement with your programme.
Monthly research, case studies and practical guides you won't find anywhere else.
Join thousands of security managers turning their TPRM programmes into success stories.
