Get In Touch

Register Interest

Enterprises

Enterprises

Independent supplier assurance.

Supplier questionnaires can be useful, but they are still self-reported.

ACE provides a more credible model for enterprises seeking stronger assurance that suppliers have controls and governance in place.

What ACE Gives Enterprises

  • a more credible basis for supplier assurance
  • independent certification by Bureau Veritas
  • a clearer alternative to self-declaration alone
  • a tiered model that can work across a varied supplier base
  • confidence that suppliers have governance in place, not just technical controls
  • a future public verification register once certifications are live
  • stronger confidence when discussing supplier cyber risk internally

Don't take the supplier’s word.

Evidence based assessment certified by Bureau Veritas

BV white

Common Questions

We already require ISO/IEC 27001 from some suppliers.

ISO/IEC 27001 remains a rigorous and respected standard. ACE is intended to sit alongside existing assurance models and provide a more practical pathway for suppliers that are unlikely to achieve full ISO/IEC 27001 certification in the near term.

We already use supplier questionnaires.

Questionnaires still reflect what a supplier says about itself. ACE is intended to provide a more credible, independently reviewed basis for assurance.

We already have our own third-party risk framework.

ACE is designed to complement existing supplier risk processes, not replace them.

People combined

Interested in ACE for your organisation or supply chain?

Register your interest and the ACE programme team will review your enquiry and respond.

Register Interest
Get In Touch