Three-Dimensional Risk (3D Risk)

3D Risk is Black Kite's approach to measuring vendor risk across three complementary dimensions simultaneously: (1) Cyber Rating, the technical security posture expressed as letter grades across 20 categories; (2) Probable Financial Impact Rating, the likely dollar-denominated loss using Factor Analysis of Information Risk (FAIR) methodology; and (3) Compliance Rating, the degree of alignment with recognized standards and frameworks. Together, these three dimensions provide a complete picture of vendor risk that serves both security practitioners and business executives.