Our partner Samen Digitaal Veilig (SDV) has launched the Estimated Risk Index (ERI): an innovative solution that helps organisations quickly and demonstrably gain insight into cyber risks within their supplier chain.
For organisations working with NIS2 Supply Chain (NIS2 SC), this is an important development. NIS2 requires organisations to identify and manage risks within their supply chain. This always starts with insight: where are the risks within your supplier base?
Automatic risk scoring for 170,000 suppliers
The ERI provides a practical solution. Based on public and purchased data sources, more than 170,000 Dutch companies are automatically classified by risk level. As soon as you import your supplier base into the SDV platform, each supplier immediately receives a risk score.
This makes it clear at a glance:
- which suppliers pose an increased risk
- what risk level is associated with them
- where your organisation should prioritise
This significantly accelerates a crucial first step in NIS2 compliance: conducting a substantiated risk analysis per supplier.
From insight to action within NIS2 Supply Chain
Within NIS2 SC, this risk analysis forms the basis for determining appropriate measures and the correct certification level per supplier. By making risks transparent in advance, you can steer effectively towards proportionality and avoid unnecessary costs or overburdening your chain.
The ERI aligns seamlessly with this by:
- automatically identifying risks
- directly prioritising suppliers
- accelerating the translation into appropriate measures
Efficient and scalable supplier management
The ERI is fully integrated into the SDV platform and will soon also be available via an API. This allows the risk classification to be directly linked to existing supplier management systems. Manual work is minimised and data remains up to date.
Availability
The ERI is available to all paying participants of the SDV platform and is included in both the Standard and Corporate packages.
Why this matters
With the introduction of NIS2, supplier management becomes a demonstrable obligation. Tools such as the ERI make it possible to fulfil this obligation not only in a compliant manner, but also efficiently and at scale.
Would you like to know how to apply this within your organisation or NIS2 Supply Chain programme? Please contact Samen Digitaal Veilig.
