Our Methodology

Risk Ledger is a supply chain security platform enabling organisations to share risk information and collaborate on improving security and risk controls. Over 3000 organisations are currently using Risk Ledger to run their supply chain assurance programmes, or to showcase their security controls to their clients and customers. 

When a supplier creates a free profile on Risk Ledger they answer a series of questions on the controls they have in place. Every supplier profile is structured around the same standardised control framework, which allows us to pull out trends across different industries and geographies. 

To write this report, we analysed data from all organisations on Risk Ledger that supply the financial services industry - 218 organisations in total. The supplier organisations represented in this report are largely based in the UK and Europe, but include organisations across the world, including the United States, Australia and India.  

Page 6 of this report contains data on the use of unsupported systems across different industries. This includes data from all 3000 organisations on Risk Ledger, which gives a comparison of the financial services industry against other industries. 

We’ve broken this report into five major sections: physical security, cybersecurity, cyber resilience, third-party risk management and data protection. This report contains anonymised aggregated data and highlights a cross-section of control areas. Organisations using Risk Ledger for their supply chain risk management are able to analyse information across all controls, apply their own policies to give contextual risk for their organisation, and communicate directly with suppliers about control improvements or risk concerns.

If you would like to access this data for your suppliers, please get in touch with a member of the team.