Transparent by Design
The Methodology
Every signal, score, and review on Arodus follows rules we publish openly. This page documents exactly how the system works and will grow as new modules launch.
Peer Intelligence
How Vendor Ratings Are Calculated
The ratings you see on Arodus are a spend-weighted aggregate of verified buyer experiences, not crowdsourced opinions. Here is exactly how a vendor's rating is composed, and why ERP-verified spend data produces a more reliable signal than public reviews or self-reported surveys.
01
Only Paying Buyers Count
Every rating that counts comes from a buyer who has verifiable invoice history with that vendor. No contribution without receipts, which means no competitor sabotage, no planted reviews, and no signal from anyone who has never actually worked with the vendor.
02
Ratings Reflect Active Relationships
When a buyer stops paying a vendor, their ratings stop contributing to that vendor's aggregate score. What you see is current, built only from active, paying relationships. Not a historical average that includes people who moved on years ago.
03
You Know Who Is Talking
Ratings are anonymous, but not opaque. Each contribution shows the reviewer's organizational role and their verified annual spend tier. You can judge whether the experience is relevant to your own relationship with that vendor.
04
The Aggregate Is Spend-Weighted
The final vendor rating is not a simple average. Each review is multiplied by the reviewer's verified 12-month spend with that vendor, then divided by total active spend across all reviewers. A $600k/year relationship shapes the score more than a $6k pilot, because proportional dependency is the real measure of trust.
Aggregate Rating = Sigma(Score x Verified Spend) / Sigma(Verified Spend), calculated across all active, ERP-verified reviewers.
The Six Risk Dimensions
Every vendor is scored across six categories using proprietary internal data and public signals. Each dimension has defined event types, data sources, and update cadences.
01
Operational Risk
Service outages, downtime, and degradation events, flagged the moment they start, before your team notices the impact downstream.
02
Cybersecurity Risk
Data breaches, ransomware events, and critical CVE exploits, tracked across government alerts, official disclosures, and verified news before they reach the press cycle.
03
Financial Risk
Bankruptcy filings, credit rating downgrades, missed earnings targets, and acute liquidity signals, surfaced from public filings and scored using the Altman Z-Score model.
04
Compliance and Regulatory Risk
OFAC sanctions, significant GDPR fines, active litigation, and government-mandated bans, monitored across official registries, court records, and watchlists.
05
Reputational Risk
Executive misconduct, fraud accusations, and sudden spikes in negative public sentiment, differentiated between verified news and unverified chatter using sentiment analysis.
06
Strategic Risk
Major M&A activity, geopolitical instability, and competitor acquisitions, tracked before they make headlines using news signals and prediction market data.
Data Transparency
What We Read From Your ERP
Arodus connects via OAuth and requests read-only permissions. We access two objects and nothing else. You can revoke access at any time from within your ERP.
01
Vendor Object
Vendor Records
Vendor name, legal name, address, contact details, vendor type, and account number. Used to build your canonical vendor list and deduplicate ERP entries, so AWS East and Amazon Web Services resolve to one vendor profile with a unified risk score.
Used for
Vendor identity, canonical mapping, deduplication, risk profile creation
02
Bill Payments Object
Bill and Payment Records
Vendor, invoice date, payment date, and payment amount in the bill's currency. Line-item SKU data is explicitly excluded. We ingest at the bill level only. Used to verify active vendor relationships, calculate rolling 12-month spend per vendor, and determine peer review eligibility.
Used for
Spend verification, review eligibility, 12-month rolling spend, risk score weighting
We do not read income statements, balance sheets, chart of accounts, payroll data, employee records, bank account details, or any financial data beyond bill-level payment records. Read-only access means Arodus can never write to, modify, or delete anything in your ERP.
Vendor Health Status Taxonomy
Every vendor on Arodus carries a current health status, updated automatically as signals arrive. Status levels define both the severity of risk and the operational response required.
Healthy
100-90
Operational Trigger
Routine monitoring. No action required.
Risk Triggers
No active signals across Cybersecurity, Financial, Compliance, Reputational, or Strategic dimensions. Altman Z-Score above 2.99, clean compliance record, no negative news, no pending litigation.
Warning
89-75
Operational Trigger
Increase monitoring frequency, flag for quarterly review.
Risk Triggers
Minor predictive signals: Polymarket adverse-event probability 60-79%; Altman Z-Score entering grey zone (1.81-2.99); unconfirmed negative sentiment spike; minor compliance inquiry opened (unfined); unverified executive departure.
Degraded
74-50
Operational Trigger
Notify procurement team. Begin contingency planning.
Risk Triggers
Confirmed moderate event: minor regulatory fine; regional data incident disclosed but contained; Altman Z-Score below 1.81; unverified breach with partial confirmation; minor lawsuit filed; credit rating on negative watch.
Severe
49-25
Operational Trigger
Escalate to CPO/CFO. Initiate vendor replacement search.
Risk Triggers
High-impact confirmed event: ransomware attack confirmed; major lawsuit with material damages; significant credit downgrade; OFAC preliminary inquiry opened; confirmed executive misconduct; large regulatory fine; Polymarket adverse-exit probability above 80%.
Critical
24-0
Operational Trigger
Immediate executive escalation: freeze new spend, activate continuity plan.
Risk Triggers
Existential event: bankruptcy filing; OFAC sanctions imposed; confirmed mass data breach with PII exposure; criminal charges against executives; government-mandated ban; hostile acquisition by sanctioned entity.
Inactive
N/A
Operational Trigger
Contract terminated or offboarded; archived, not scored.
Risk Triggers
Contract terminated, offboarded, or $0 L12M spend. Removed from active scoring. Historical data retained for audit purposes.
© 2026 Arodus. All rights reserved.