For Suppliers
Everything under control
A CyberRisk Rating by KSV1870 demonstrates to your customers that your company is cyber secure.
Only 25 requirements
The CyberRisk Rating is based on 25 practical questions that are easy for you to answer with minimal effort.
Secure
Your customers are exclusively provided with the rating - you retain control over your sensitive information.
The CyberRisk Rating Models
The rating assesses cyber risks of service providers, suppliers, and third parties. Behind it lies a standardized, multi-stage process in which the so-called WebRisk Indicator and a validated self-assessment - the CyberRisk Rating - play important roles.
Process of the CyberRisk Rating
for Assessed Companies
The CyberRisk Rating by KSV1870 is completed for assessed companies in 3 steps.
The assessment consists of two parts: Part B with 14 questions covering basic security measures, and Part A with 11 questions addressing an advanced level of security. The requirements queried can be viewed in the KSÖ schema at any time. For each requirement of the Cyber Risk Scheme, it must be indicated whether it is fulfilled (Yes/No). In case of a positive response, organizations must provide a description of how the requirement is implemented in the company and what evidence can be presented if necessary.
If a validator deems one or more of your responses unclear and requests further details, you will be notified by us. Upon receiving this notification, you will have the opportunity to revise your answers once. Subsequently, your assessment will be resent to the validator and evaluated conclusively.
In the final step, you select the CyberRisk Rating for your company - either A or B rating. You will be provided with a recommendation to assist you in this decision. Once you have chosen the desired rating, the process is completed for you. Your CyberRisk Rating will now remain valid for one year.
The Base for Every CyberRisk Rating:
The Cyber Risk Scheme of the Kompetenzzentrum Sicheres Österreich
The Austrian standard based on the EU NIS Directive: Since the beginning of 2020, the Kompetenzzentrum Sicheres Österreich (KSÖ) together with security experts from industry, administration and critical infrastructure has developed a standard for evaluating cyber risks. This standard is based on the requirements of the EU Directive 2016/1148 ("NIS"), which aims to achieve a higher level of security for networks and information systems throughout the EU.
Information Materials
for Assessed Companies
FAQs
If you cannot find an answer to your question here, please do not hesitate to contact our team. We are available by phone at +43 (0) 732 / 860 626 and via email.
Who can customers contact?
What benefit does this provide for the customers?
What is the cost of the CyberRisk Rating by KSV1870?
Where can the CyberRisk Rating be used?
Does the CyberRisk Rating affect the KSV1870 rating?
How does the CyberRisk Rating process work?
In Collaboration with
