Security Profile

Our commitment to securing your information

You entrust us with confidential information about your organisation. We understand the responsibility to support your confidentiality, integrity and availability needs.

We share that responsibility with you.

Security Seals

Risk Ledger responsibility: security of the platform

Risk Ledger protects and maintains:

  • the infrastructure of the Risk Ledger platform that hosts your information.
  • the functionality of the platform that enables you to securely host and manage your information including:
    • authentication of users of the platform
    • the controls you use to securely share information

Your responsibility: security of your information in the platform

You have responsibility to control and secure how you:

  • maintain your information in the platform
  • add, change or remove people in your organisation that maintain your information
  • choose whom you share your information with - for example the other organisations that request to connect with you

How we keep your information secure


All data sent to and from Risk Ledger is encrypted in transit. Our website, application and API are served over TLS/SSL, achieving A+ on Qualys SSL labs. We also encrypt all data at rest with the industry-standard AES-256.


Risk Ledger enforces strong authentication for both our platform users and employees, to protect our customers and their data. Multi-Factor Authentication (MFA) is mandatory to access the product and all our internal systems.

Cloud infrastructure

Risk Ledger services and data are hosted within hardened cloud infrastructure, managed using Infrastructure-as-Code processes. We operate over two availability zones, with robust monitoring in place. Amazon Web Services (AWS) is our primary cloud provider.

Independent security testing

Risk Ledger undergoes regular vulnerability scanning and penetration tests by independent third-parties, testing our security controls against industry standards. In addition, we maintain ISO 27001 and Cyber Essentials compliance.

Pattern Trapezoid Mesh

Want to know more?

Why not request access to our security assessment profile on the Risk Ledger platform?

Contact us

If you have any questions, concerns or would like to report a vulnerability, please email