The UK’s Nursing and Midwifery Council (NMC) is set to use the Rizikon Assurance cyber risk assessment tool developed by Crossword Cybersecurity.
Rizikon Assurance will be deployed by the NMC to automate supplier onboarding and enhance supplier risk management. The NMC, a regulator of more than 690,000 nurses, midwives and nursing associates in the country, has more than 600 suppliers.
According to Crossword Cybersecurity, all organisations require their suppliers to give assurance that they have adequate controls in place to handle financial, operational and regulatory risk.
Rizikon Assurance will be replacing NMC’s manual paper-based processes, which is expected to improve the regulator’s supplier onboarding process and help it in learning more about its supply chain.
The cyber risk assessment tool will also help the regulator to evaluate and visualise the risk of each supplier more effectively, said Crossword Cybersecurity. Furthermore, by using Rizikon Assurance’s 360-degree Risk Scorecard, NMC can identify risks in its supply chain as a whole.
Crossword Cybersecurity said that the current communication methods of email, scanned forms and phone calls by suppliers to complete the supplier onboarding process can be time-consuming and also resource intensive.
The company claims that Rizikon Assurance automates the supplier onboarding workflow, gives standardised questionnaires, and offers a scalable secure centralised platform through which compliance data can be collected, reviewed and shared.
Through the combination of data from the standardised online questionnaires and integrated Creditsafe financial ratings, the tool will help the organisation identify the risk level in various dimensions of each supplier, and also as areas within it that may need action to bring down their risk exposure.
Crossword Cybersecurity director responsible for Rizikon Assurance Jake Holloway said: “There are many challenges for organisations with complex supply chains when managing third-party assurance risk.
“Technology can play a key role in giving risk and compliance professionals the control and visibility they need, moving risk compliance from a siloed and reactive activity, to a connected, proactive continuous process that delivers a complete view of third-party risk.”