Corporate Evaluation
Terishield assesses businesses by emphasizing crucial aspects such as cash flow, business balance, the relationship between sources of funding and uses, the industry of belonging, and competitiveness. It uses proprietary business analysis software, which begins with the analysis of the financial statements to provide a comprehensive evaluation of the company. This tool not only examines cash flow and calculates specific indicators but is also capable of anticipating industry trends and guiding companies in adapting to evolving markets, minimizing associated risks.
Credit Rating
To understand the financial health of a company, it is crucial to calculate and analyse certain financial ratios. Credit scoring, a quantitative practice often based on statistical methods, aims to distinguish businesses at high risk of failure from those that are financially solid. In 1968, Edward I. Altman introduced the Z-Score model, identifying the crucial factors for every credit scoring system. The common goal of all models proposed to date is to minimize estimation error or maximize statistical probability. Each model must also confront various technical challenges well-known in the sector. Their model aims to overcome these difficulties.
As added value, their credit rating system assigns scores to companies, increasing their market visibility in terms of financial health. This indicator has been developed to be applicable to small and medium-sized enterprises (SMEs) as well, which constitute the true economic fabric of a country. Their system allows SMEs to highlight their financial credibility and reliability to customers and suppliers, including banking institutions.
Cyber Rating
As an added value, they provide clients with a cyber rating indicator based on a proprietary model that scores companies, highlighting their cybersecurity and digital resilience in the market. This indicator has been designed to be applicable to small and medium-sized enterprises (SMEs) as well, which are essential in a country’s economy. Their system allows clients to showcase their solidity and reliability in terms of cybersecurity, strengthening the chain of trust and mitigating risks associated with the cyber supply chain. In this way, companies can improve their digital reputation and strengthen trust in cybersecurity, both internally and in interactions with partners and clients along the supply chain.
Regulatory Risk Management
Every company is inherently subject to regulatory risks, among which the risk related to privacy and related sanctions in case of system violations or leakage of sensitive data concerning employees, customers, or partners stands out. Effective management of these regulatory risks can be achieved through the adoption of Organizational Models and compliance programs. A compliance program involves the systematic and controlled execution of activities aimed at improving and constantly verifying the level of adherence to regulations. However, sometimes this is not enough!
At Terishield, they have a competence centre specialized in implementing actions for the assessment of regulatory risks and their derivatives. This includes the detailed analysis of processes subject to regulation, the identification of an unexpected minimum and maximum risk range, and the formulation of a proposal for a customized investment plan, developed in collaboration with their partners, to ensure effective coverage.
For example:
- Federal Act on Data Protection (FADP 235.1)
- Swiss Banking Act of 1934
- Swiss Banking Regulation (FINMA Circular)
- Circular FINMA 2008/21 Appendix 3
- Circular FINMA 2018/3 “Outsourcing of Banks”
Supply Chain Assessment
Supply Chain security is a crucial aspect for any organization that relies on external suppliers for the acquisition of products or services necessary for its business. This service involves evaluation activities aimed at identifying and mitigating potential risks stemming from these elements.
A threat actor could exploit vulnerabilities present in IT products or services, or in the processes used between customers and suppliers, to gain unauthorized access to the infrastructure and corporate data. A concrete example of this scenario is the attack suffered by the software company Kaseya. On July 2, 2021, a ransomware group known as REvil exploited a vulnerability in Kaseya’s VSA software, causing significant disruptions for thousands of companies that used it and exposing them to ransomware risk.
However, Supply Chain risks can also concern suppliers with whom the organization works more closely and who may not pay particular attention to cybersecurity. This underscores the importance of a Supply Chain security verification service.
Terishield’s service conducts thorough due diligence of the organization’s supply chain. Through non-invasive technical controls and procedural methodologies, they analyse data and service flows between the organization and its suppliers. In this way, they identify potential points of attention, risks, and vulnerabilities.
Once the risks are identified, mitigation actions are suggested to reduce these risks. These actions can include establishing or improving the collaboration process with suppliers to introduce the necessary security controls.
Terishield assesses businesses by emphasizing crucial aspects such as cash flow, business balance, the relationship between sources of funding and uses, the industry of belonging, and competitiveness. It uses proprietary business analysis software, which begins with the analysis of the financial statements to provide a comprehensive evaluation of the company. This tool not only examines cash flow and calculates specific indicators but is also capable of anticipating industry trends and guiding companies in adapting to evolving markets, minimizing associated risks.
Suggested services
To understand the financial health of a company, it is crucial to calculate and analyse certain financial ratios. Credit scoring, a quantitative practice often based on statistical methods, aims to distinguish businesses at high risk of failure from those that are financially solid. In 1968, Edward I. Altman introduced the Z-Score model, identifying the crucial factors for every credit scoring system. The common goal of all models proposed to date is to minimize estimation error or maximize statistical probability. Each model must also confront various technical challenges well-known in the sector. Their model aims to overcome these difficulties.
As added value, their credit rating system assigns scores to companies, increasing their market visibility in terms of financial health. This indicator has been developed to be applicable to small and medium-sized enterprises (SMEs) as well, which constitute the true economic fabric of a country. Their system allows SMEs to highlight their financial credibility and reliability to customers and suppliers, including banking institutions.
As an added value, they provide clients with a cyber rating indicator based on a proprietary model that scores companies, highlighting their cybersecurity and digital resilience in the market. This indicator has been designed to be applicable to small and medium-sized enterprises (SMEs) as well, which are essential in a country’s economy. Their system allows clients to showcase their solidity and reliability in terms of cybersecurity, strengthening the chain of trust and mitigating risks associated with the cyber supply chain. In this way, companies can improve their digital reputation and strengthen trust in cybersecurity, both internally and in interactions with partners and clients along the supply chain.
Every company is inherently subject to regulatory risks, among which the risk related to privacy and related sanctions in case of system violations or leakage of sensitive data concerning employees, customers, or partners stands out. Effective management of these regulatory risks can be achieved through the adoption of Organizational Models and compliance programs. A compliance program involves the systematic and controlled execution of activities aimed at improving and constantly verifying the level of adherence to regulations. However, sometimes this is not enough!
At Terishield, they have a competence centre specialized in implementing actions for the assessment of regulatory risks and their derivatives. This includes the detailed analysis of processes subject to regulation, the identification of an unexpected minimum and maximum risk range, and the formulation of a proposal for a customized investment plan, developed in collaboration with their partners, to ensure effective coverage.
For example:
- Federal Act on Data Protection (FADP 235.1)
- Swiss Banking Act of 1934
- Swiss Banking Regulation (FINMA Circular)
- Circular FINMA 2008/21 Appendix 3
- Circular FINMA 2018/3 “Outsourcing of Banks”
Supply Chain security is a crucial aspect for any organization that relies on external suppliers for the acquisition of products or services necessary for its business. This service involves evaluation activities aimed at identifying and mitigating potential risks stemming from these elements.
A threat actor could exploit vulnerabilities present in IT products or services, or in the processes used between customers and suppliers, to gain unauthorized access to the infrastructure and corporate data. A concrete example of this scenario is the attack suffered by the software company Kaseya. On July 2, 2021, a ransomware group known as REvil exploited a vulnerability in Kaseya’s VSA software, causing significant disruptions for thousands of companies that used it and exposing them to ransomware risk.
However, Supply Chain risks can also concern suppliers with whom the organization works more closely and who may not pay particular attention to cybersecurity. This underscores the importance of a Supply Chain security verification service.
Terishield’s service conducts thorough due diligence of the organization’s supply chain. Through non-invasive technical controls and procedural methodologies, they analyse data and service flows between the organization and its suppliers. In this way, they identify potential points of attention, risks, and vulnerabilities.
Once the risks are identified, mitigation actions are suggested to reduce these risks. These actions can include establishing or improving the collaboration process with suppliers to introduce the necessary security controls.
