Abstract

All IT compliance frameworks (NIST, PCI, HIPAA, FFIEC, etc.) include Risk Assessment. Anyone who has tried to scope, execute and document an IT risk assessment for their organization knows there are many challenges including:

• Spreadsheet sprawl
• What assets do I include?
• How do I know if I have a comprehensive set of risks?
• How do I capture threats specific to my organization?
• How do I know what risks apply to which business process?
• And many more...

In this session we will share with you our time-tested, risk assessment process that incorporates pre-defined industry standards and best practices in our new risk assessment application that our consultants use to execute risk assessments for our clients.

Presented by