Industrial Cybersecurity & OT Risk calculator
Vendor Remote Session Risk Calculator
Use this calculator to score defensive risk for vendor remote support sessions into OT environments. It helps compare vendors, assets, and access paths based on impact, session exposure, and control weakness.
What this calculator does
- Rank vendor remote session risk using operational impact, session exposure, and control weakness.
- Use it when reviewing remote support sessions for integrators, OEMs, machine builders, and service providers.
- The result gives a relative score for vendor remote session risk.
Formula used
- Vendor remote session risk score = vendor session impact score × vendor session exposure score × vendor access control weakness score
- Use the same scoring scale across comparable vendor access scenarios.
Inputs explained
- Vendor session impact score: Score the business impact if the supported asset, line, or system is disrupted during vendor remote access.
- Vendor session exposure score: Score exposure using session frequency, duration, number of vendors, account sharing risk, and access path complexity.
- Vendor access control weakness score: Score weakness in approval, MFA, session recording, time bound access, logging, jump hosts, and account ownership.
How to use the result
- Use it to prioritize access reviews, stronger approvals, session logging, and vendor governance.
- It is defensive and does not include bypass or intrusion guidance.
Common questions
- What is the vendor remote session risk calculator for? It ranks risk for vendor remote support sessions into OT systems.
- What information should I enter? Use impact, session exposure, and control weakness scores.
- What does the result tell me? The result helps decide which vendor access paths need stronger governance first.
- When is the result only an estimate? It is only an estimate when session logs, vendor account ownership, or access approvals are incomplete.
Last reviewed 2026-05-12.