RapidRatings International, Inc. is a quantitative ratings company. RapidRatings provides Financial Health Ratings (FHRs) and associated analytics reports generated from financial statement data. FHRs are industry specific and based on RapidRatings industry codes that are allocated to companies based on their core business models.
RapidRatings is an international company, and as a result is familiar with both US and EU laws, regulations, and industry best practices regarding general and personal data.
RapidRatings is ISO27001:2013 certified.
Our information security policies are supported by standards and controls that align to internationally recognized information security standards NIST800-53 rev 4, NIST 800-171, and ISO27000.
RapidRatings has an organizational commitment to the security and protection of client and member data. Executive commitment ensures the systems we provide meet industry best practice information security principles.
All data is transmitted via HTTPS TLS1.2 encryption and is encrypted at rest when stored in US-based data centers that are ISO27001:2013 and SOC 1 & 2 certified.
RapidRatings services are hosted within Amazon AWS cloud infrastructure. The live service is hosted in multiple redundant data centers in the US East region of AWS, synchronized daily with our disaster recovery facility hosted in the US West region of AWS. Our data center vendors have no access to data.
RapidRatings' SaaS offering is through multi-tenancy. RapidRatings client and member portal applications are deployed in a typical three tier application architecture. Each tier is deployed on multiple, load balanced hosts to ensure continuous availability of the service. All data is encrypted in transit and at rest using best-in-class encryption standards (TLS1.2 and AES256).
RapidRatings ensures that any third-party vendors that it works with meet industry standards as it relates to the third-party vendors' information security policies and procedures. In this regard, RapidRatings has implemented a Vendor Risk Management Policy and a Key Vendor Compliance Review Policy that sets the parameters for engaging with third-party vendors.
Safeguarding private company data is among our most important priorities. We have extensive controls on our technology and also have processes and policies in place that further these goals.
At RapidRatings, we leverage private company data on an aggregated, anonymous basis to support various R&D and benchmarking activities. For example, this data informs the continued development and enhancements of our underlying ratings models. Additionally, we may analyze this data to produce insights about broad financial health trends within certain industries or regions.
Security of client and member data is of paramount importance, and we store data on behalf of many fortune-500 companies. User accounts are managed via defined processes with secure, complex password management. As an organization, we have a culture rooted in continuous improvement. We consistently review processes and security measures to ensure they are up-to-date.