The Cyber Assurance Risk Rating (CARR)

Discussion of The Cyber Assurance Risk Rating

What is the Cyber Assurance Risk Rating (CARR)


According to Gartner, “By 2022, cyber-security ratings will become as important as credit ratings when assessing the risk of business relationships.” 

The report continues, “Over the next six years, these [cyber-security rating] services will become a mandatory precondition for a growing number of business relationships and part of the standard of due care for providers and procurers of services. These cyber-security scores will impact the degree to which other companies engage in high-value business with the organization.”

The Cyber Assurance Risk Rating (CARR) is the de facto Australian standard in assessing business risk, when reviewing business relationships with third party suppliers. CARR provides a global, regional and local view of an organisation’s risk profile and the likelihood of a data breach via third party suppliers.