logo cyberrisk rating
icon for suppliers

For Suppliers

Everything under control
A CyberRisk Rating by KSV1870 demonstrates to your customers that your company is cyber secure.
Only 25 requirements
The CyberRisk Rating is based on 25 practical questions that are easy for you to answer with minimal effort.
Your customers are exclusively provided with the rating - you retain control over your sensitive information.

The CyberRisk Rating Models

The rating assesses cyber risks of service providers, suppliers, and third parties. Behind it lies a standardized, multi-stage process in which the so-called WebRisk Indicator and a validated self-assessment - the CyberRisk Rating - play important roles.
graphic rating models

Process of the CyberRisk Rating
for Assessed Companies

The CyberRisk Rating by KSV1870 is completed for assessed companies in 3 steps.
screenshot fill out assessment
The assessment consists of two parts: Part B with 14 questions covering basic security measures, and Part A with 11 questions addressing an advanced level of security. The requirements queried can be viewed in the KSÖ schema at any time. For each requirement of the Cyber Risk Scheme, it must be indicated whether it is fulfilled (Yes/No). In case of a positive response, organizations must provide a description of how the requirement is implemented in the company and what evidence can be presented if necessary.
screenshot correct unclear answers
If a validator deems one or more of your responses unclear and requests further details, you will be notified by us. Upon receiving this notification, you will have the opportunity to revise your answers once. Subsequently, your assessment will be resent to the validator and evaluated conclusively.
screenshot choose rating
In the final step, you select the CyberRisk Rating for your company - either A or B rating. You will be provided with a recommendation to assist you in this decision. Once you have chosen the desired rating, the process is completed for you. Your CyberRisk Rating will now remain valid for one year.
The Austrian standard based on the EU NIS Directive: Since the beginning of 2020, the Kompetenzzentrum Sicheres Österreich (KSÖ) together with security experts from industry, administration and critical infrastructure has developed a standard for evaluating cyber risks. This standard is based on the requirements of the EU Directive 2016/1148 ("NIS"), which aims to achieve a higher level of security for networks and information systems throughout the EU.
icon arrow
Go to Scheme

Cyber Trust Austria Label –
The Seal of Cybersecurity Excellence

With a top rating, you have the opportunity to apply for a Seal of Cybersecurity, the Cyber Trust Austria Label.

Information Materials
for Assessed Companies


If you cannot find an answer to your question here, please do not hesitate to contact our team. We are available by phone at +43 (0) 732 / 860 626 and via email.

In Collaboration with