Skip to main content
  • Service

Supplier Cyber Trust Level

Manage cybersecurity risk across your supply chain and demonstrate the trustworthiness of your security practices.

Global world network connected around planet Earth,

Increased diversity and complexity of global supply chains lead to growing cybersecurity threats, and end application ecosystems are only as strong as their weakest link.

UL’s Supplier Cyber Trust Level solution aids procurement mechanisms and helps strengthen the overall supply chain. Our IoT supply chain solution helps industrial, automotive and medical device organizations mitigate risk of introducing security issues into their end products, applications and ecosystems that could expose software or system vulnerabilities for customers and end product use.

UL’s Supplier Cyber Trust Level helps suppliers and vendors better navigate procurement and quality assurance processes by demonstrating the trustworthiness of their security practices across the following key trust categories:

  • Software development practices
  • Software development environment and infrastructure
  • Hardware development practices
  • Product documentation
  • Secure production processes and delivery management
  • Security issue management
  • Hosted software
  • Quality management
  • Enterprise security
  • Supplier management

Suppliers and vendors benefit from a single security level provided through an experienced assessment and evaluation process. The Supplier Trust Level also helps with an additional level of competitive differentiation via an independent, documented Supplier Maturity Trust Level.

Key benefits

  • Address and reduce the security risks associated with connected technology supply chains
  • Supports collaboration and sharing of cybersecurity best practices
  • Utilizes appropriate evaluation methods for cybersecurity assurance of your digital transformation
  • Demonstrates the added value of supplier security practices for procurement
  • Provides external cybersecurity expertise and organizational bandwidth support

Supplier maturity trust levels

  • Level 1: Nascent – No or few ad-hoc security practices have been implemented
  • Level 2: Challenger – Basic security practices have been incorporated in some processes
  • Level 3: Contender – Intermediate security practices have been incorporated in some processes
  • Level 4: Strong Performer – Advanced security practices have been incorporated in most of the processes
  • Level 5: Leader – Highest trust level attained

UL’s Supplier Cyber Trust Level helps navigate the current global complexity of cybersecurity by mapping and leveraging security controls from well-known/popular industry best practices, standards and frameworks, including:

  • NIST cyber supply chain risk management
  • ENISA supply chain attacks
  • METI Society 5.0
  • NERC CIP-013-1UK
  • Supplier Assurance
  • ISO/IEC 20243-1
  • IEC 62443-4-1 & 62443-2-4
  • ISO 27001

As an independent trusted third party, UL helps manage the Supplier Cyber Trust Level on behalf of organizations as a time-efficient and cost-efficient process to assess supply chain security risk.

Get in touch

Have questions, need specifics? Let's get this conversation started.

Help and support

How can we help?