Risk Assessment, Gap Analysis & Audits
At Intrinium, we recommend Risk Assessments to help organizations understand the risk as it stands in a client’s current environment. The assessments are customized for the needs and controls within an organization; this could include assessing your digital and physical environment, depending on the regulatory requirements and standards. This will also help clients understand potential options and strategies for managing these risks to a level that works for their business continuity.
Risk Assessment is the combined effort of executing the following:
Identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e., risk analysis)
Making judgments “on the tolerability of the risk on the basis of risk analysis” while considering influencing factors (i.e., risk evaluation)
Completion of Test of Key Controls, assessing the administrative, technical and physical safeguards in place to protect the organization’s sensitive internal and client information
Identification of any potential internal and external threats as they relate to your organization’s information technology infrastructure, within the guidelines of the NIST Cybersecurity Framework
Assignment of risk ratings for each item tested, with recommendations for mitigating potential information security threats to assist with the reduction of associated risk
Intrinium’s Gap Analysis will be performed to identify problem areas that could result in the failure of an Attestation of Compliance engagement. Intrinium will interface with your staff to simulate testing that would arise during an actual Attestation of Compliance engagement. Items evaluated will include all areas required by the PCI Security Council, HIPAA, FFIEC, GLBA and other regulatory requirements as needed.
Gap Analysis is the combined effort to fully understand where your business stands as it relates to your security posture:
What is the state of our organization at the time of the analysis?
Where do we want to be as an organization?
How are we going to close the gap?
Intrinium’s Audit will be performed to examine the management controls within an Information Technology infrastructure and provide a comprehensive review of an organization’s adherence to regulatory guidelines. Our Auditors will work with your team to evaluate the state of your organization as it relates to all areas required by the PCI Security Council, HIPAA, FFIEC, GLBA and other regulatory requirements as needed.
Our reports will address the following:
User Access Control
Risk Management Procedures
Intrinium provides the following solutions:
HIPAA Risk Assessment, Gap Analysis and Audits
NIST CSF Assessment, Gap Analysis and Audits
SANS Top 20 Risk Assessment, Gap Analysis and Audits
PCI DSS Cyber Risk Assessment, Gap Analysis and Audits
We are here to help. Contact us today.