RATINGCY is a cyber security rating agency that objectively evaluates the IT security of companies on the basis of a security rating. With RATINGCY, secion GmbH has developed a new brand that takes into account the urgent demand of vertical markets for the evaluation of IT security in companies. At the latest since the IT Security Act came into force in May 2015, the binding and comparable assessment of companies' cyber-security capabilities has experienced a new urgency.
RATINGCY uses a two-stage procedure in its Standard rating level to create a uniform and comparable security rating. The first step is a technical IT security check. The second part of the security assessment includes an organizational security audit, which is based on the requirements of basic IT protection as well as the ISO standard 27001/2. RATINGCY calculates the two partial results according to a transparent method. As a final result, you will receive a risk score and a RATINGCY results diagram showing the value of your company's IT security compared to the industry average.
The RATINGCY rating system classifies valid and transparent the estimated level of IT security of companies you want to contract.More information
RATINGCY provides you with the valuation factor for IT security, which is nowadays an indispensable factor in a mature company valuation and thus has a decisive influence on your credit decision.More information
RATINGCY evaluates the IT security status of companies focused on M&A (Mergers and Acquisitions) business processes.More information
(Third Party /Vendor Risk Management)
With RATINGCY you create the prerequisites for a valid and transparent evaluation of the IT security of potential partner companies.
Rating agencies that examine companies with regard to their creditworthiness have so far failed to take into account the factor of IT security assessment or have failed to do so.
If the credit rating is not supplemented by the result of a standardized IT security assessment from the outset, you will not be able to answer the following questions:
How to assess the IT security level of your supplier you are planning to contract with? How do you determine the premium amount for the company that would like to take out a company liability or even cyber insurance with you? How do you assess the risk of a successful cyber attack and its consequences for the company you are planning to take over in the short term?
Irrespective of the reason for which the assessment of a company's IT security is relevant to you - an incorrect or completely ignored assessment of this factor by your potential business partner, customer, supplier or service provider means the risk of financial or even legal consequences for you.