ISO/IEC 27001:2022 aligned
Supplier Information Security Risk Assessment, audit-ready by design.
Onboard suppliers, run structured assessments mapped to Annex A controls, score CIA-based risk, document treatment plans, and export formal ISRA documents — all in one place.
Onboard supplier
Capture entity details, hosting model, and data classification.
Send magic link
Suppliers complete the assessment without creating an account.
Score CIA risk
Inherent and residual ratings derived from Annex A control answers.
Export ISRA
Formal PDF or Word document, ready for external audit.
Aligned to ISO/IEC 27001:2022
Questionnaire structured into 14 control domains (A–N) mapped to Annex A references. Risk scored using confidentiality, integrity and availability impact × likelihood, with control effectiveness derived from supplier evidence.
Annex A.5, Annex A.6, Annex A.7, Annex A.8