How RapidRatings produces FHRs
RapidRatings International, Inc. is a quantitative ratings company. RapidRatings provides Financial Health Ratings (FHRs) and associated analytic reports generated from financial accounting data. FHRs are industry specific, based on RapidRatings industry codes that are allocated to companies based on their core business models.
Regulatory zones and certification
RapidRatings is an international company, and as a result is familiar with both US and EU laws, regulations, and industry best practices regarding general data, personal data, and sensitive data.
- RapidRatings is ISO27001:2013 certified.
- Information security policies are supported by standards and controls that align to internationally recognized information security standards NIST800-53 rev 4, NIST 800-171, and ISO27000.
RapidRatings has an organizational commitment to security and protection of customer and client data. Executive commitment ensures the systems we provide meet industry best practice information security principles.
- All data is transmitted via HTTPS TLS1.2 encryption and is encrypted at rest when stored in US based data centers that are ISO27001:2013 and SOC1 & 2 certified.
RapidRatings services are hosted within Amazon AWS cloud infrastructure. The live service is hosted in multiple redundant data centers in the US East region of AWS, synchronized daily with our disaster recovery facility hosted in the US West region of AWS. Our data center vendors have no access to data.
Data access and encryption
RapidRatings SaaS offering is through multi-tenancy. RapidRatings client and counter-party portal applications are deployed in a typical three tier application architecture. Each tier is deployed on multiple, load balanced hosts to ensure continuous availability of the service.
All data is encrypted in transit and at rest using best in class encryption standards (TLS1.2 and AES256).
RapidRatings ensures that any third-party vendors that it works with meet industry standards when it comes to the third-party vendors' information security policies and procedures. In this regard, RapidRatings has implemented a Vendor Risk Management Policy and a Key Vendor Compliance Review Policy which sets the parameters for engaging with third-party vendors.
Safeguarding private company data, whether provided directly by our clients or by the underlying companies themselves, is among our most important priorities. We have extensive controls on our technology and also employ process and policy that furthers these goals.
Aggregated data analysis
At RapidRatings, we do leverage private company data on an aggregated, anonymous basis, to support various R&D and benchmarking activities. For example, these data inform the continued development and enhancements of our underlying ratings models. Additionally, we may analyze these data to produce insights about broad financial health trends within certain industries or regions.
Security of customer and client data is of paramount importance and RapidRatings stores customer and client data on behalf of many fortune-500 companies. User accounts are managed via defined process with secured/complex password management. As an organization, RapidRatings has a culture of constant improvement and review. RapidRatings is always reviewing and improving its security, processes and level of services to its customers and clients.
For further information, please contact our Client Services team at support@rapidratings.com.