IISRIRating Security for the Public

What are information security ratings?

An information security rating is an opinion based on an evaluation of the information security posture of a prospective data collector (an individual, a business, organisation or a government), predicting their ability to protect their own data and that of their customers, and an implicit forecast of the likelihood of the collector defaulting in doing so.

grooming session

The ratings range from the lowest D up to AAA which represents the highest possible rating. The rating scale is available on our website here.

IISRI has developed robust and detailed methods to assess organisations and their services to be able to provide the public with objective and independent information security ratings. The services of IISRI consist of an external rating service and an internal rating service. The external rating service is only based on public information, without the need of cooperation of the assessed organisation. The internal rating service requires the cooperation with the organisation and is thus besides on public information also based on internal organisation information.

Although each type of rating service has its own assessment methodology, they have the following features in common.
The assessments and ratings

Types of ratings and description of assessments' methodology are available on our website here

Any information, materials and services provided on this website are under Terms and Conditions. By using and/or accessing this website you agree with them. If you don't agree, leave this website.

This website use cookies. You can find our Privacy Policy here.
OK