Supplier Assessment Framework

This section covers the Risk Ledger Supplier Assessment Framework (SAF) by domain.

Within each domain, any scoping questions are listed as the number 00.

A) Security Certifications
This domain covers how your organisation maintains compliance with key security certifications.

7 articles in section

B) Data Protection
This domain covers compliance with data protection legislation.

11 articles in section

C) Security Governance
This domain covers how your security governance is designed, implemented, and maintained.

24 articles in section

D) HR Security
This domain covers the security controls you have implemented to mitigate security risk from your employees.

5 articles in section

E) IT Operations
This domain covers the security controls you have implemented to maintain the health of your IT systems and processes.

35 articles in section

F) Application Security
This domain covers the security controls you have implemented during the development of your IT applications.

12 articles in section

G) Network and Cloud Security
This domain covers the security controls you have implemented to maintain the security and integrity of your corporate network and any cloud infrastructure.

31 articles in section

H) Physical Security
This domain covers the physical security controls you have implemented to protect your organisation's physical premises.

11 articles in section

I) Business Resilience
This domain covers the processes and plans you have in place to ensure a quick recovery if a failure occurs.

14 articles in section

J) Supply Chain Management
This domain covers the processes and controls you have in place to ensure the security risk from your supply chain is mitigated.

7 articles in section

K) Procurement Risk
This domain covers the governance and controls you have implemented within your organisation to protect your organisation from risks not linked to technology or financial crime.

13 articles in section

L) Financial Crime
This domain covers the financial controls you have implemented to prevent, identify, and respond to evidence of financial crime.

14 articles in section