What is a Risk Score and how it is being calculated?

Depending on the data types, scope, and purposes, each vendor relationship is different and the Risk Score of the company using the vendor will also differ.

Trust Grades are general scores given to vendors based on their privacy practices, while Risk Scores are tailored and unique scores based on your relationship with the vendor.

The score is based on the information you provide about how you interact with this vendor.

Essentially, the score is a measurement of the effect something could have on your company if something went wrong.

Among other things, we consider:

• Types of personal data shared
• Types of individuals whose data is being shared
• Locations of processing
• Roles taken (Controller, Processor)
• The vendor’s Trust Grade
• Retention policies