Default Impact Score Categories Ingrid The Impact Score is distributed across the following default categories: Ease of Replacement Legal and Regulatory Requirements Criticality of Service Type of Information Volume of Information Size of Commitment Ease of Replacement Use Ease of Replacement to evaluate and indicate how easily you could replace this third party product or service with others. Legal and Regulatory Requirements Use Legal and Regulatory Requirements to analyze the applicable legal and regulatory requirements of your company information that will be shared with the third party being evaluated. Criticality of Service Criticality of Service rates how critical the provided service or product is to your company. Type of Information Use Type of Information to rate the importance of the information (from your company) that this third party will possess or have access to. Volume of Information Score Volume of Information based on the volume of sensitive company information the third party will possess or have access to. Size of Commitment Size of Commitment considers the overall cost, agreement, and number of users to measure the size of your company’s commitments. January 31, 2025: Separated from Vendor Scoring: Trust, Impact, & Risk. Related articles Vendor Score: Impact Score Vendor Score: Risk Score Vendor Score: Trust Score How are Bitsight Security Ratings Calculated? Ratings Algorithm Update – July 10, 2025 Feedback 0 comments Please sign in to leave a comment.