About Us | Contact Us
View Cart

Increasing the Frequency of Risk Assessments

By Vigilize | Friday, November 8, 2013 - Leave a Comment

Time to ramp up your risk assessment!

When it comes to IT risk assessment, frequency is just as important as the actual assessment. While HIPAA and other compliance mandates only require annual assessments, some experts say this is not enough for most organizations.

Director of risk and advisory services for Neohapsis, Gary Alterson, suggests moving to at least a quarterly assessment schedule. “Given the rapidly changing threat environment and how fast IT moves, I recommend that risk assessments be refreshed and reviewed at least quarterly, if not monthly,”

In order to be able to keep up with the increase in assessments, organizations need to rethink their approach to the process.

“A better approach is to make risk assessments more of a life cycle and process within the organization. Perform assessments continuously throughout the year,” says Jim Mapes, chief security officer at BestIT.

Organizations need to build time and resources into the IT lifecycle. Here are some tips to starting:

  1. Track. Start a daily tracking of risk factors.
  2. Prioritize. Focus on what matters most, the most risk-adverse data.
  3. Mitigate. Don’t just assess risk, work towards mitigating it throughout the IT lifecycle.

Original article by Ericka Chickowski.
Read the full story here.

Latest News
    Top 7 Trend Articles of 2021. . .  . . .For ISOs of Small Financial Institutions. Welcome to our annual T7 article:  a list of our favorite trend articles from the past year.  Our intent: help you organize your thoughts as your work through your strategic planning process.  We hope reviewing these articles will help you […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
    The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question:  “Is there an Audit Test that covers 9/11’s of the battle?” This […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Tanvee Dhir, to be a new Data Security Analyst. “Tanvee is an outstanding addition to the team, bringing a new skillset we are eager to utilize.” says Chad Smith, NOC Manager of infotex. “I am really excited to be […]