Risk Assessment, Gap Analysis & Audits

Gap Analysis

Intrinium Diamond

Completion of Test of Key Controls, assessing the administrative, technical and physical safeguards in place to protect the organization’s sensitive internal and client information.

 

Audit

Intrinium Diamond

Identify any potential internal and external threats as it relates to your organization’s information technology infrastructure as within the guidelines of the NIST Cybersecurity Framework.

 

Risk Assessment

Intrinium Diamond

Assignment of risk ratings for each item tested, share recommendations for mitigating potential information security threats to assist with the reduction of associated risk.

 

 

Risk Assessment

At Intrinium, we recommend Risk Assessments to help organizations understand the risk as it stands in a client’s current environment. The assessments are customized for the needs and controls within a organization, this could include assessing your digital and physical environment depending on the regulatory requirements and standards. This will also help clients understand potential options and strategies for managing these risks to a level that works for their business continuity.

Risk Assessment is the combined effort of executing the following:

Identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e., risk analysis)
Making judgments “on the tolerability of the risk on the basis of risk analysis” while considering influencing factors (i.e., risk evaluation)
Completion of Test of Key Controls, assessing the administrative, technical and physical safeguards in place to protect the organization’s sensitive internal and client information
Identify any potential internal and external threats as it relates to your organization’s information technology infrastructure as within the guidelines of the NIST Cybersecurity Framework
Assignment of risk ratings for each item tested, share recommendations for mitigating potential information security threats to assist with the reduction of associated risk

Gap Analysis

Intrinium’s Gap Analysis will be performed to identify problem areas that could result in the failure of an Attestation of Compliance engagement. Intrinium will interface with your staff to simulate testing that would arise during an actual Attestation of Compliance engagement. Items evaluated will include all areas required by the either the PCI Security Council, HIPAA, FFEIC, GLBA and other regulatory requirements as needed.

Gap Analysis is the combined effort to fully understand where your business stands as it relates to your security posture:

What is the state of our organization at the time of the analysis?
Where do we want to be as an organization?
How are we going to close the gap?

Audit

Intrinium’s Audit will be performed to examine the management controls within an Information Technology infastructure and  provide a comprehensive review of  an organizations adherence to regulatory guidelines.  Our Auditors will work with your team to evaluate the state of your organization as it relates to all areas required by the either the PCI Security Council, HIPAA, FFEIC, GLBA and other regulatory requirements as needed.

Our reports will address the following:

Compliance Preparations
Security Policies
User Access Control
Risk Management Procedures

Intrinium provides the following solutions:

HIPAA Risk Assessment, Gap Analysis and Audits
NIST CSF Assessment, Gap Analysis and Audits
SANS Top 20 Risk Assessment, Gap Analysis and Audits
PCI DSS Cyber Risk Assessment, Gap Analysis and Audits

We are here to help, contact us today.

Buzzword Breakdown: “Cyber Kill Chain”

By Sahan Fernando - Director, Managed Security - Intrinium  Before I begin, I have to disclose that I attend a lot of conferences. I love continuing education and interacting with fellow infosec professionals. I also struggle with #badgelife, which is your efforts to...

Pin It on Pinterest